Alert: Phishing Emails Impersonating SFC Executives Circulating
Release Date: 2025-10-08
Recently, our Association received reports from the industry that malicious actors have been impersonating senior SFC personnel (for example, Chief Financial Officer Mr. WAN Chi Yiu Andrew) and sending fraudulent emails requesting recipients to confirm email addresses or provide contact details. These messages are phishing attacks intended to steal sensitive information or deploy malware.
The modus operandi of these scams closely matches the situation described in the SFC’s notice issued in August of this year. The perpetrators use forged domains (for example, “@sfc.hk.slotsitesxuk.org” and “@sfc.hk.zitirxsend.com”) to impersonate official email addresses and have been carrying out targeted attacks against licensed corporations and licensed individuals, posing a very high risk.
We urge all industry colleagues to:
1. Never click links or open attachments in emails from unknown sources;
2. Carefully verify that the sender’s domain is the SFC’s official domain (@sfc.hk);
3. If in doubt, verify directly through official channels (such as the contact information published on the SFC website);
4. If you have mistakenly replied to a suspicious email, immediately contact your communications or cybersecurity team and change relevant passwords.
The SFC will never request sensitive information via non-official email domains. Please remain vigilant to prevent fraud.
The SFC issued the related circular on 20 August 2025.
Public warned of impersonation scams carried out in the name of SFC
https://apps.sfc.hk/edistributionWeb/gateway/EN/news-and-announcements/news/corporate-news/doc?refNo=25PR126
Your sincerely
Hong Kong Securities & Futures Professionals Association
The modus operandi of these scams closely matches the situation described in the SFC’s notice issued in August of this year. The perpetrators use forged domains (for example, “@sfc.hk.slotsitesxuk.org” and “@sfc.hk.zitirxsend.com”) to impersonate official email addresses and have been carrying out targeted attacks against licensed corporations and licensed individuals, posing a very high risk.
We urge all industry colleagues to:
1. Never click links or open attachments in emails from unknown sources;
2. Carefully verify that the sender’s domain is the SFC’s official domain (@sfc.hk);
3. If in doubt, verify directly through official channels (such as the contact information published on the SFC website);
4. If you have mistakenly replied to a suspicious email, immediately contact your communications or cybersecurity team and change relevant passwords.
The SFC will never request sensitive information via non-official email domains. Please remain vigilant to prevent fraud.
The SFC issued the related circular on 20 August 2025.
Public warned of impersonation scams carried out in the name of SFC
https://apps.sfc.hk/edistributionWeb/gateway/EN/news-and-announcements/news/corporate-news/doc?refNo=25PR126
Your sincerely
Hong Kong Securities & Futures Professionals Association