Hong Kong is seeing fewer technology-related crimes, but the financial toll on victims is climbing sharply - a shift police attribute to scammers moving away from credit card fraud and towards full account takeovers.

According to police data, 31,571 tech crime cases were recorded in 2025, a 6.9 percent drop from the previous year. Yet total losses surged 23.2 percent, rising to HK$6.32 billion last year.

A similar trend was observed in phishing cases. While such incidents fell by 60 percent to 1,093 last year - the amount of money lost more than doubled, jumping 112.9 percent from HK$50 million to HK$110 million over the same period.

Acting Senior Superintendent Rachel Hui of the Cyber Security and Technology Crime Bureau (CSTCB) said that traditional phishing scams typically targeted credit card details, but spending limits on cards helped cap potential losses.

"Recently, you would find that bogus websites or links attached in SMS and emails are usually aimed to take over your accounts - no matter if it is your social media accounts, WhatsApp accounts, bank accounts or securities accounts," she said.

"Once they have taken over your accounts, they can get away all your money, so it drives to the amounts becoming bigger."

Chief Inspector Leung Yee-tak pointed to a specific wave of phishing cases last year that targeted securities accounts. Victims reported HK$45 million in losses from those cases alone.

"The culprits just took over control of the security accounts of the victims and just moved all the money away," he said.

In response, police worked with the Securities and Futures Commission to issue public warnings and circulars.

They also partnered with mobile network operators and the Office of the Communications Authority to block fraudulent sender IDs.

"We saw a drop of that kind of cases in a short period of time," Leung noted.

The broader trend, however, remains concerning with Hui pointing out that 90 percent of phishing cases now arrive via SMS and messaging apps.

Scammers typically impersonated banks, delivery services and government agencies.

Fake parcel notifications, account suspension alerts and authentication requests, Hui said, are among the most prevalent lures.

She advised the public to never click on unsolicited links or download attachments, refrain from sharing sensitive data and treat unexpected requests - even from seemingly trusted sources - with caution.



Edited by Azam Khan