Skip to main content

HKCERT Territory-wide Drill Targets Web Forum Phishing Scams

Release Date: 11 Nov 2011 4190 Views

With increasing phishing scams on popular web forums being discovered, the local information security watchdog, the Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT), recently (4 November 2011) conducted a territory-wide drill to raise the preparedness of the administrators of local web forums in handling such threats.

 

According to HKCERT, managed by the Hong Kong Productivity Council (HKPC), the total number of phishing cases reported to the centre has increased steadily by around 13% per annum, from 232 in 2008 to 298 in 2010.

 

Mr Roy Ko, Principal Consultant (IT Industry Development) of HKPC and Manager of HKCERT, said, “The alarming trend urgently demands collective efforts to handle messages with malicious links and to take appropriate action against the perpetrators.”

 

With “Handling Phishing Scams on Web Forum” being the theme of the drill, various scenarios of phishing messages were simulated which required immediate actions by participating organizations. They included the Hong Kong Police, the Office of the Government Chief Information Officer, and key players in the web forum community (Appendix for Full List).

 

The drill successfully identified and contained simulated phishing messages in the web forums and traced them to their source. It also tested the incident handling procedures of various parties.

Mr Ko noted that, “While participants have found the drill a useful exercise, we have identified a number of areas for further improvement. It was also encouraging that some major forums and their members are quick to respond to these simulated threats.”

 

Mr Roy Ko, Principal Consultant (IT Industry Development) of HKPC and Manager of HKCERT, (second from left) monitors the drill at the command centre with representatives of the Office of the Government Chief Information Officer

 


 

Appendix
Hong Kong Cyber Security Incident Response Drill 2011
List of Participating Organizations

  • Hong Kong Computer Emergency Response Team Coordination Centre
  • Hong Kong Police Force, HKSAR Government
  • Office of the Government Chief Information Officer, HKSAR Government
  • Hong Kong Golden Forum
  • Baby Kingdom
  • 3boys2girls