In the epoch of the Internet, technology advancement has changed the way we live. Meanwhile, it has also facilitated scammers to devise new ploys in perpetrating internet fraud schemes.
Last year, the scam of Elon Musk’s Crypto giveaway hit the headlines in the United States and worldwide. Scammers masqueraded as Elon Musk and tweeted a link, inviting the public to a bitcoin investment that promised doubling returns. The link appeared to have all the qualities of a ‘professional-looking’ website purportedly operated by Musk’s Tesla team, which manifested a giveaway party in full swing.
At the end unfortunately, the promised yield never materialized. Investigations later on revealed that perpetrators had profited about US$2 million over the period of two months before the scam fully detected and revealed to the greater public.
Sadly, this was only one of the many online scams that internet users (“Users”) have fallen prey to. In furtherance to sweepstakes scam as the above, other common forms of fraudulent websites include false security alerts, fake online shops and phishing links that are deceptively similar to real legitimate sites.
5 red flags to identify a scam website
When browsing through websites from unverified sources, check for the following warning signs that may indicate a scam: –
- Urgency verbiage: While the form of scam websites could vary from case to case, they all boil down to one fundamental tactic – manipulating Users’ emotion so as to blunt their skeptical instincts. This is done by creating a sense of urgency that calls for Users’ immediate action without giving a second thought or conducting any verification. For instance, cyber criminals who design scareware sites stir fears of Users and drive them to install the malware in no time. Likewise, discounts, prize giveaways and irresistible investment opportunities that are time-sensitive heighten Users’ optimism which lure them to pay upfront.
- Offers that are too good to be true: “If something seems too good to be true, it probably is.” While consumers strive to make wise choices and take all good bargains, one should differentiate a good deal from a senseless deal. Equally, it is one thing to invest in assets in anticipation of greater payoff in the future; it is another to expect overpromising returns with none or negligible input. Users should be on guard when they encounter offers that simply make no commercial sense. Further, the website appears to be even more suspicious with exaggerated slogans bragging about their incredible sales volume or investment subscriptions.
- Sloppy contents and website interface: Scammers typically aim to perpetrate the fraud scheme with the least possible efforts. In this regard, odd layouts, use of lowresolution images and sloppy writings are all indications of an unauthentic website that was created in a trice.
- Peculiar URLs: Even if the website outlook appears to be legitimate with mistakes-free contents, Users should also check on the subtle details such as the website’s domain name and extensions. An URL that does not correspond to the website contents, is exceedingly long or encompasses spelling errors rings the alarm. In addition, advanced swindlers might mimic a legitimate website by replacing several letters of its URL with similar characters.
- No padlock icon and “https”: A padlock icon and “https” in the toolbar signifies that the connection to the website is encrypted and is Secure Sockets Layer (SSL) or Transport Layer Security (TSL) certified, meaning that it is a website which data can be securely exchanged with. Although the padlock icon does not necessarily mean that the contents of the website are verified, absence of such is definitely a red flag.
When an internet scam is uncovered, it is imperative for the victim to contact the bank and seek a reversal of transfer if the situation involves wire transfer, report to the Hong Kong Police (“Police”) immediately, and commence civil action thereafter.
“No consent” regime
Upon receiving the report, the Joint Financial Intelligence Unit (JFIU) of the Police may issue a “no consent” letter to the respective recipient banks involved, indicating that the Police does not consent to any fund transfer of the relevant recipients’ accounts (“Recipients’ Accounts”). The “no consent” letter is not a binding notice which the banks must strictly comply with. Indeed, it merely supports the banks’ knowledge and belief that the funds of the Recipients’ Accounts represent proceeds of an indictable offence. Given that section 25 of the Organized and Serious Crimes Ordinance renders it an offence for any party to deal with property known or believed to represent proceeds of indictable offence, banks would generally freeze the Recipients’ Accounts to avoid violating the same. More information on the “No Consent” Regime can be found in our previous newsletter ‘Navigating the money laundering minefield – the Court of Appeal dismissed the constitutional challenge against the “no consent” regime’
Bearing in mind that the “no consent” letter is not a court order and that the financial institutions retain the ultimate decision in freezing the Recipients’ Accounts, the victim should simultaneously instigate civil action for recovery of the defrauded funds.
1. Disclosure order: Where a fraud scheme involves multi-layered recipients (“Recipients”), the victim would have to trace the defrauded funds through a Bankers Trust order pursuant to section 21 of the Evidence Ordinance. The Bankers Trust order mandates the relevant banks to disclose particulars of the Recipients’ Accounts including all relevant transaction records and the remaining balance.
2. Freezing order: The significance of an injunction is to restrain the Recipients from disposing of, or dissipating, their assets before the court delivers the judgment, rendering the same unenforceable. The victim may apply for either proprietary injunction or Mareva injunction, or apply for both simultaneously. Proprietary injunction is premised on the victim’s proprietary claim in the defrauded funds transferred, and thus the Recipients are deemed to hold such funds on constructive trust. On the other hand, the objective of Mareva injunction is broader in that it is to prevent the Recipients from dealing with their assets, ensuring that the Recipients would have sufficient means in satisfying a judgment regardless of whether the victim has a valid proprietary claim over the frozen funds.
3. Obtaining judgment: To recover the defrauded sum, the victim may rely on several grounds including (a) fraud; (b) unjust enrichment; and (c) constructive trust. It would be an uphill battle to establish fraud given the high threshold and high level of evidence required in succeeding the same. Further, the Recipients might not always be the fraudsters who orchestrate the entire scam and hence, fraud stands as the exception to obtaining a summary judgment as the case may proceed. In this connection, unless the facts reveal a strong case in pleading fraud against all Recipients, it would be prudent to rely on unjust enrichment and/or constructive trust.
In most of the cases, the fraudsters and/or Recipients would not appear to contest the proceedings, and thus the victim may obtain default judgment.
4. Enforcement: As a final step, upon obtaining judgment against the Recipients, the victim may serve a garnishee order on the relevant banks to seek the release of funds from the Recipients’ Accounts. In the event where the victim has secured a Default Judgment, he may proceed to obtain a vesting order pursuant to section 52 of the Trustee Ordinance, and thereby compel the relevant banks to transfer the defrauded sums to the victim.
In this time and age, cyber fraud remains to be on the rise and Users should always stay vigilant while interacting with different websites. Where an internet user is unfortunately victimized in an online scam, he should report to the bank and police in a timely manner, and seek appropriate legal advice in recovering the scammed funds.