A recent wave of SMS phishing scams has exposedserious vulnerabilities in brokers’ defenses, prompting Hong Kong’s Securitiesand Futures Commission (SFC) to issue fresh guidance aimed at safeguardinginvestor accounts. As fraudsters increasingly mimic legitimate brokermessages to lure investors into fake websites, the SFC is urging licensedcorporations to take immediate steps to prevent unauthorized trading.Scams Target Clients Through Deceptive SMS LinksThe regulator revealed that attackers have trickedclients into clicking on fraudulent links in text messages. These links reportedlyredirect users to counterfeit versions of licensed corporations’ websites, wherefraudsters harvest login credentials and authentication data. In several cases, criminals used this stoleninformation to access trading accounts and carry out unauthorized transactions.Victims bore the financial losses, and the SFC has since observed a notableincrease in such incidents. “The SFC fullysupports a globally coordinated and multi-pronged approach to addressing thegrowing phenomenon of unlawful finfluencers and their wide followings on socialmedia,” commented Julia Leung, the SFC’s Chief Executive Officer and Chair ofthe IOSCO Asia-Pacific Regional Committee.“Working in concert with our regulatory counterpartswill enhance the SFC’s own effectiveness in safeguarding market integrity andprotecting the investing public through supervisory oversight, enforcementactions, and investor education.”You may also like: 3 Arrests, 3 Criminal Proceedings: FCA Cracks Down on “Rogue Finfluencers”In its latest circular, the SFC outlined key measuresthat licensed corporations must implement. These include signing up for thefree SMS Sender Registration Scheme to help clients verify messageauthenticity, deploying surveillance systems to detect account breaches, andreporting suspicious transactions to the Joint Financial Intelligence Unit forfurther investigation.Brokers are also expected to educate clients aboutpotential scams, especially if they have experienced breaches or are aware ofongoing fraud trends in the market. The SFC highlighted tools like Scameter andits mobile app Scameter+ as resources clients can use to assess suspiciousmessages or websites.Public Urged to Remain VigilantThe SFC reminded investors not to click on anyhyperlinks in text messages that appear to come from brokers without firstverifying the sender’s identity. It advised against entering login details onany unverified website, even if it appears legitimate.Anyone who suspects they’ve disclosed sensitiveinformation or discovered unauthorized activity in their account should contacttheir broker immediately and report the case to the police.The regulator’s message is clear: with phishingthreats on the rise, proactive action from both brokers and investors iscrucial to maintaining trust in Hong Kong’s financial system. This article was written by Jared Kirui at www.financemagnates.com.