The Hong Kong Securities and Futures Commission (SFC) issued an alert warning that fraudsters are impersonating the SFC in phishing emails and other unsolicited communications targeting SFC-licensed corporations, their staff and members of the investing public. The scams seek to prompt recipients to reply, click embedded links that can install malware or ransomware, or provide personal or contact details under false pretences, and often use fake email addresses that closely resemble the SFC’s official domain. The SFC stressed that its only official email domain is @sfc.hk and noted that scammers may manipulate sender display names to appear legitimate, advising recipients to verify any purported SFC communications through official channels, avoid responding or transferring money or account details, and report suspected impersonation or suspicious communications to the SFC or the Police.
Hong Kong Securities & Futures Commission 2026-02-12
Hong Kong Securities and Futures Commission warns of phishing scams impersonating SFC personnel
The Hong Kong Securities and Futures Commission (SFC) issued an alert about fraudsters impersonating the SFC in phishing emails targeting SFC-licensed corporations and the public, urging verification of communications through official channels and reporting suspicious activity to the SFC or Police.