Self Help Guide for Security Incidents
Scenario | Cause | Immediate Action |
---|---|---|
Web Mail Account Theft
|
|
* If you decide to report to police, click here. * For remedial actions, click here. |
Email Scam
|
|
* If you decide to report to police, click here. * For remedial actions, click here. |
- You should preserve the following as evidence:
- Any email message in your account. Not only the content but also the email header should be preserved.
- Any log in your server/router/computer, e.g. firewall log, anti-virus application log.
- How to report:
- Provide examples of email messages related to the incident when reporting.
- Report to nearby police stations or via web form.
Further information: Considerations in the collection of evidence (OGCIO)
- Check any infection of your server/computer:
- Clean your computer with anti-virus application if there is any.
- Apply any software update of your OS and applications.
- There may be a chance that other online services are also affected. Use a clean computer to check the access of these services. Also use different passwords for different services.
- Banks and most online services would not request users to provide their login information via email.
- Also advise your business partner involved in the incident to check their computers. It is possible that their computers or network are infected which lead to the scam email message.
Related Information
- Security Defense Tools (HKCERT)
- Malware Defense Guideline / Document Malware Defense Guideline (HKCERT)
- Police Appeal : Beware of Email Scam "Verify Suspicious E-mails Uncover Online Swindlers" (HKCERT)
- Legal and Contractual Considerations of a Security Incident Response (OGCIO)
- Security Incident Handling for Individuals / Companies (OGCIO)
- Related Ordinances (OGCIO)
- Phishing Attack Alerts (OGCIO)
- Rights of Victims and Witnesses of Crime (Hong Kong Police Force)
- Beware of Fraudsters! (Hong Kong Monetary Authority)