Technological crimes in Hong Kong dropped in frequency last year, but the financial toll on victims rose sharply as scammers moved away from credit card fraud toward the total takeover of digital accounts, police said.
Data released by authorities showed that 31,571 tech-related crimes were recorded in 2025, a 6.9 percent decrease from the previous year. Despite the decline in cases, total financial losses jumped 23.2 percent to HK$6.32 billion (US$807 million).
The trend was even more pronounced in phishing cases. While the number of incidents fell by 60 percent to 1,093 last year, the money lost more than doubled, surging 112.9 percent to HK$110 million.
Police officials said the shift in tactics explains the discrepancy. Unlike traditional scams that targeted credit card information — where spending limits often capped the damage — modern attacks aim for full control of social media, messaging, and financial accounts.
“Once they have taken over your accounts, they can get away with all your money, so it drives the amounts to become bigger,” said Acting Senior Superintendent Rachel Hui of the Cyber Security and Technology Crime Bureau.
Chief Inspector Leung Yee-tak highlighted a significant wave of phishing attacks last year specifically targeting securities accounts. In those cases alone, victims reported HK$45 million in losses after culprits gained control of the accounts and drained the funds.
In response to the spike in high-value theft, police collaborated with the Securities and Futures Commission to issue public warnings and worked with telecommunications regulators to block fraudulent sender IDs. Leung noted that these interventions led to a temporary drop in such cases.
However, the threat remains widespread. Hui noted that 90 percent of phishing attempts now reach victims via SMS and messaging apps. Scammers frequently impersonate banks, delivery services, and government agencies using lures such as fake parcel notifications or urgent account suspension alerts.
Authorities are urging the public to exercise extreme caution, advising against clicking unsolicited links or downloading attachments. Police emphasized that even requests from seemingly trusted sources should be treated with suspicion when they involve sensitive personal data.
