Release Date: 22 May 2026
Type: Phishing
Phishing Alert
Current Status and Related Trends
mickmick.net reminds the public that fraudsters have
recently been using fake government institution and well-known brand websites
to carry out various phishing attacks. These include fake websites
impersonating the “Anti-Deception Coordination Centre (ADCC)”, as well as
phishing pages posing as logistics services, financial institutions, retail
platforms, and online services.
Scammers have set up fake ADCC websites claiming to offer
services such as assistance in recovering scam losses, free verification, and
free consultation with professional legal teams. These sites also use
fabricated success stories, case sharing, and FAQ content, claiming that “even
if more than a month has passed since the scam, there is still a high chance of
recovering the funds”, in order to increase credibility and lure victims into
contacting them. In reality, such websites are a form of secondary scam
targeting existing victims.
In addition, mickmick.net has found that fraudsters have
created multiple phishing websites impersonating local organisations, logistics
services, financial institutions, travel platforms, and entertainment services,
in order to trick users into entering personal information, account
credentials, or payment details for further fraud or account theft.
Fake “Anti-Deception Coordination Centre (ADCC)” Websites
- It
uses phrases such as “free consultation” or “free
investigation” to lure victims into making contact.
- After
users click “Get Immediate Online Help and Checking”, they are
redirected to a fake WhatsApp webpage, where a one-on-one
conversation is initiated to further obtain sensitive personal information
or demand payment.
- It
even fabricates successful recovery cases and displays claims such
as “successfully recovered,” “safe and secure,” and “full
recovery,” while showcasing fake professional legal teams to
enhance credibility.
- The
FAQ section of these websites may claim that “even if more than
one month has passed since being scammed, there is still a high chance of
recovery,” further luring victims.
- The
public should note that the official website of the ADCC is: adcc.gov.hk,
and the official hotline is only “Anti-Scam Helpline 18222.”
Other Phishing Websites Observed by mickmick.net
Apart from fake ADCC websites, mickmick.net has also
observed multiple phishing websites impersonating local institutions, logistics
services, financial institutions, travel platforms, and entertainment services
under different themes:
- A
fake Cainiao Hong Kong logistics website claiming that
parcel delivery failed and asking users to reconfirm their address and pay
a fee, thereby stealing personal information and credit card details.
- Fake
verification pages for insurance company Prudential, financial
services company Manulife, and a fake Disney+ login
page, prompting users to enter login credentials or personal information.
- A
fake Wellcome online store page displaying promotional
offers such as 12% off or 15% off, tricking
users to make payments and submit credit card details.
- Fake Klook travel
platform page, fake Cathay Pacific mileage redemption
page, and fake e-MPF platform page.
Characteristics of Suspicious Websites
Based on the above cases, these phishing websites share the
following common features:
- Generally
imitate the design and operating flow of official websites to mislead
users into believing they are legitimate platforms.
- Use
domain names that resemble well-known brands but are not identical.
- Use
of domain names that are similar to, but different from, those of
legitimate websites, including the use of less common top-level domains
such as .lol, .cyou, and .top
- Some
of the suspicious domains are newly registered.
- Imitate
the design and interaction flow of official websites.
- Use
themes such as “abnormal order,” “security verification,” “points
redemption,” or “special offers” as bait to increase the likelihood of
users clicking and taking action.
mickmick.net has found that fraudsters are using phishing
websites under different themes to launch large-scale distributed attacks,
combining tactics such as official impersonation, brand imitation, and social
engineering to improve their success rate.
In particular, for people who have already been scammed,
fraudsters use fake ADCC websites and so-called professional teams, together
with claims of being able to recover scammed funds, to carry out secondary
scams and further steal money and sensitive data.
The public should remain vigilant and must not trust any
website or contact method claiming it can quickly or highly likely recover scam
losses. If in doubt, always verify information through official channels to
protect personal and financial security.
Security Advice for the Public
mickmick.net reminds members of the public to:
- Carefully
verify the full URL. Official government websites generally use
the “.gov.hk” domain. The URLs of phishing websites are often
very similar to those of official websites, but may differ slightly in
spelling, word order or top-level domain. Users should carefully verify
that the URL is correct before entering any information.
- Do
not handle scam cases through instant messaging platforms. Official
agencies generally do not instruct users via WhatsApp to recover money or
transfer funds.
- Stay
cautious of services claiming they can help recover money. Such services
may be secondary scams.
- Avoid
clicking on unknown or unverified links. Whether a link comes from email,
text message, social media, instant messaging platforms or search engine
adverts, users should not click on it unless its authenticity has been
confirmed.
- Do
not enter personal or payment information on suspicious websites. If the
source of a website is unclear, or if the domain name does not match the
official website, users should not enter their name, telephone number,
email address, credit card information, verification code or other
sensitive information.
- It
is advisable to type the official website address directly into the
browser. Avoid entering websites through search engine ads or unknown
links.
If Information Has Been Submitted, the Following Actions
Should Be Taken Immediately
If members of the public suspect that they have entered
personal information or credit card information on a suspicious website, they
should take the following steps as soon as possible:
- Stop
all contact with the other party immediately;
- Do
not provide any further personal or financial information;
- Immediately
contact the relevant bank or credit card issuer to report the incident and
request appropriate protective measures;
- Closely
monitor bank account and credit card transaction records to check whether
any unauthorised transactions have occurred;
- Call
the Hong Kong Police Force Anti-Deception Coordination Centre hotline
“Anti-Scam Helpline 18222” for assistance;
- Retain
relevant records, including website screenshots, text messages, emails,
payment notifications and transaction records, for future follow-up or
reporting purposes.
