Cybercrime & Internet Fraud

With the rapid developments associated with information technology, the computer and the internet and an increasingly complex web infrastructure, there is a rising potential for them to be exploited for carrying out criminal activities. Any business could be a victim to cybercrime as a result of sophisticated email scams. Typical ones may include hacking into email accounts of small and medium enterprises and obtaining sensitive information relating to financial information or phishing email to senior officers of a company which asks for a transfer of fund to a fraudster.

We have vast experience in dealing with legal matters arising from cybercrime and internet fraud. Our scope of services generally includes:

  • working with the Joint Financial Intelligence Unit (JFIU) to stop any fraudulent transfer of funds;
  • recovering funds transferred consequential to cybercrime and internet fraud;
  • freezing and disclosure orders;
  • advising clients on complex issues associated with both personal and sensitive business data including its use, storage, disclosure and destruction;
  • advising clients on legal compliance relating to privacy and security risk on cybercrime and cybersecurity; and
  • advising clients on cyber risk management and incident response solutions. 

We have acted for a number of clients who had been victims to cybercrime and internet fraud. In particular, we have provided instant incident response solutions to our clients in the hope of protecting them from potential and/or actual incidents of cybercrime and internet fraud. We have also been able to assist our clients in recovering funds transferred consequential to cybercrime. 

ONC Lawyers has been publishing newsletters and holding seminars on cybercrime and internet fraud. If you suspect you are a victim of cybercrime, ONC Lawyers is able to respond and assist in a timely manner. 

If you would like to know more about our cybercrime & internet fraud practice or how we can help your business, please contact us at (852) 2810 1212 or at .

Please refer to our articles in ‘Knowledge’

Recommended Posts

Email fraud cases: How best to recover the scammed funds
Not surprisingly, cybercrimes come along with the development of technology. The Hong Kong courts have considered many cases of cybercrimes, in particular email scams, in which the fraudsters found ways to deceive the victims into transferring money to unauthorised accounts in Hong Kong. Such bank account holders might be part of the fraud group as perpetrators or colluders, or they might be innocent recipients. Deputy High Court Judge Cooney SC in Halliburton BV Merkezi Hollanda Ankara Merkez Turkiye Subesi v Sheng Yi (HK) Trade Co Ltd and Ors HCA 1627/2016 laid the foundation of a procedural “shortcut” for the victims to recover their defrauded money by obtaining a vesting order under s.52 of the Trustee Ordinance (Cap. 29), which has the effect of compelling the recipient’s bank to transfer the money back to the victim’s account, alongside the obtaining of a default judgment. This is a “shortcut” way of getting the scammed money back because the other route would be to sue the defendants for the scammed money that they have received, obtained a judgment and then apply to enforce the judgment by applying for an order to compel the bank to pay the scammed funds to the victim to satisfy the judgment. By the granting of a vesting order under the judgment granted, it would compel the bank to pay over the scammed funds without the need to apply to enforce the judgment. Since then, this procedural shortcut has not been questioned until lately. This article is going to look at several recent cases, in which the courts conducted a meticulous examination in relation to the applicability of vesting orders under s.52 of the Trustee Ordinance in the email scam scenarios.
DDoS attack – cybercrime for misusing a victim’s computer through the victim’s website
In a recent case HKSAR v Chu Tsun Wai [2019] HKCFA 3, the Court of Final Appeal (“CFA”) set out the basis to which a cyber-attacker may be found guilty for damaging the other’s property by misusing the victim’s computer through the victim’s website.
Injunction against violent online messages: Will online platform administrators be held liable?
Since the citywide protest movement that began in June this year, internet-based practice of disseminating and broadcasting materials and information with a malicious intent to incite violence had become increasingly common, especially on certain internet messaging platforms and smartphone apps. On 31 October 2019, the High Court of Hong Kong granted an interim injunction, in response to an application filed by the Secretary for Justice of Hong Kong, to ban anyone from posting or spreading messages online inciting the use or threat of violence that would cause “bodily injury to any person unlawfully” as well as “damage to any property unlawfully”. Recently, the Injunction was challenged by the Internet Society of Hong Kong Limited (HCA 2007 / 2019), which has over 1,890 members who work in the development, operation and use of internet connected and internet-based applications, platforms and media, seeking the discharge of the Injunction or variation of its terms. Hon Coleman J of the Court of First Instance of the High Court ruled that the Injunction shall not be discharged. Nonetheless, the terms of Injunction were slightly amended to protect the innocent internet providers and online platform administrators.
Back to top