Joint Operation Cracks Cross-Border Phishing Scam

By the Editorial Team · Saturday, June 27, 2026

Hong Kong police, in collaboration with mainland authorities, arrested 15 suspects and dismantled a phishing network that impersonated the Water Supplies Department to steal about HK$16.8 million from victims. The crackdown addresses a surge in such scams—up 83.5% this year—and includes new public warnings and anti-fraud campaigns to protect residents from increasingly sophisticated schemes.

Hong Kong police, in coordination with mainland authorities, have dismantled a cross-border phishing network that defrauded victims of approximately HK$16.8 million by impersonating the Water Supplies Department (WSD). The coordinated investigation, conducted between March and June, resulted in 15 arrests.

Named Operation Boldhawk, the crackdown targeted a syndicate that sent fraudulent text messages to residents in Hong Kong, Superintendent Hui Yee-wai of the police cybersecurity and technology crime bureau said. The messages falsely claimed to be from the WSD, warning recipients of overdue bills or potential suspension of water services to prompt them into divulging sensitive information.

Superintendent Hui highlighted that scammers have increasingly exploited public trust in government agencies and tapped into the critical nature of utility services to ensnare their victims. Police data showed that between January and May of this year, phishing cases surged by 83.5 percent compared to the previous year, with 1,009 incidents recorded. Among these, 841 involved fake WSD payment requests.

One notable case involved a 71-year-old victim who, after responding to a scam message in March, entered the details of two credit cards into a counterfeit website. This led to unauthorized overseas online purchases exceeding HK$310,000, according to Hui.

The victims’ ages ranged widely, from 17 to 86 years old, with an equal distribution of male and female targets, senior inspector Yam Ho-yin of the cybercrime bureau said. Yam warned that phishing scams could affect anyone and urged the public to remain vigilant.

The syndicate established fake websites using domain names that mimicked official government acronyms like WSD. They sent mass text messages instructing recipients to update bill information or warning of service disconnection.

On June 8, mainland law enforcement officials raided a fraud center and arrested two individuals, a 28-year-old man and a 36-year-old woman, identified as the ringleaders managing these phishing platforms, Yam stated. Authorities uncovered data related to about 4,000 credit cards and flagged over 1,200 suspicious web links, coordinating with banks and telecommunications companies to block and remove fraudulent sites.

Locally, Hong Kong police apprehended nine additional suspects—five men and four women aged between 19 and 57—implicated in 14 related cases with losses totaling around HK$300,000. Superintendent Leung Chi-hang of the regional anti-deception unit explained that these individuals were recruited online to receive goods purchased with stolen credit card information, provide their phone numbers and addresses, and then forward the items to mainland China. Leung cautioned that offers of quick money or simple part-time tasks involving receipt of goods could be linked to such scams.

In response, the Water Supplies Department has introduced voice warnings on its customer service hotline to alert callers about fraudulent messages and has launched citywide anti-fraud campaigns. Assistant director Cho Ping-ho said the department will continue to work closely with police enforcement efforts while intensifying public education on fraud prevention through multiple communication channels.

This article was reported by synthesizing coverage from multiple independent news outlets to present a balanced, unbiased account. Read about our editorial standards. Spotted an error? Let us know.