Business Email Fraud Recovery in Hong Kong
Business email compromise (BEC) is the single most financially damaging category of cyber fraud worldwide, and Hong Kong is one of the most common destinations for BEC proceeds. In a typical attack, a fraudster infiltrates or impersonates a trusted email account and tricks a business into wiring money to an account the fraudster controls. Because the payment appears routine — an invoice from a known supplier, a wire request from a CEO — victims often do not realise they have been defrauded until days later.
Hong Kong’s legal system provides effective tools for tracing and recovering BEC funds — but only if you act within hours, not days.
How Business Email Compromise Works
BEC attacks target the point where human trust meets electronic communication. Common variants include:
- Invoice fraud (vendor impersonation): The fraudster compromises or spoofs a supplier’s email account and sends a message notifying you that their bank details have changed. Your next payment goes to the fraudster instead. The fraud is often discovered only when the real supplier chases for unpaid invoices weeks later.
- CEO or CFO impersonation: The fraudster poses as a senior executive and emails a finance team member requesting an urgent, confidential wire transfer — often referencing a real deal to add credibility.
- Hacked email account: The fraudster gains access to the actual email account of a trusted contact, monitors threads, and intervenes at the right moment — typically just before a payment is due. Because the emails come from the genuine account, they are extremely difficult to detect.
- Spoofed domains: The fraudster registers a domain closely resembling the real one (substituting “rn” for “m”, adding a hyphen). An email from accounts@yourcompany-hk.com is easily mistaken for accounts@yourcompanyhk.com.
In all scenarios, the victim willingly initiates the payment. The bank processes what appears to be a legitimate instruction, so the bank is generally not liable for the loss. Recovery falls on the victim.
Why BEC Funds End Up in Hong Kong
Hong Kong is a top destination for BEC wire transfers for structural reasons:
- Transaction volume: The sheer volume of cross-border wire transfers means one more payment to a Hong Kong account does not trigger automatic red flags.
- Fast account opening: Fraudsters use shell companies, mule account holders, and stolen identities to open receiving accounts.
- Rapid onward movement: Funds are typically moved within hours through multiple mule accounts before being withdrawn or transferred offshore. This layering is designed to frustrate tracing.
Time is the decisive factor. Every hour of delay reduces the chance of recovery.
The First 24–72 Hours
If your business has been hit by a BEC attack, take these steps immediately and in parallel:
1. Contact your bank. Request a recall of the wire transfer. If payment has not yet cleared, it may be possible to stop it. Ask for written confirmation that a recall has been sent to the beneficiary bank.
2. Report to the Hong Kong Police. Call the Anti-Deception Coordination Centre (ADCC) 24-hour hotline at 18222 or report via the e-Report Centre. Include the fraudster’s bank account number, the amount, date of payment, and copies of the fraudulent emails. Request an urgent freeze. Police can ask the Joint Financial Intelligence Unit (JFIU) to issue a No Consent Letter to the bank under section 25A of the Organised and Serious Crimes Ordinance (Cap. 455), effectively freezing the account. For full details on how the police freeze works, see What to Do If You Have Been Scammed.
3. Instruct a Hong Kong solicitor. For significant sums, engage a solicitor immediately — in parallel with the police report, not after it. Court orders provide stronger protection than the police freeze alone.
4. Alert your overseas bank and local authorities. If the payment originated outside Hong Kong, report to your local police and bank regulator. Some jurisdictions — notably the United States through the FBI’s IC3 — have mechanisms for urgent interception of international wire transfers.
Legal Remedies
Hong Kong’s Court of First Instance has a well-developed toolkit for BEC recovery:
Mareva injunction (freezing order)
A court order preventing the account holder from withdrawing or disposing of funds. It can be obtained within one to two days, typically ex parte (without notice to the defendant). The court requires a good arguable case, identifiable assets in Hong Kong, and a real risk of dissipation. Breach is contempt of court — significantly stronger than a police freeze.
Norwich Pharmacal order
In most BEC cases, the named account holder is a mule or shell company, not the real fraudster. A Norwich Pharmacal order compels the bank to disclose the account holder’s identity, KYC documents, and transaction records. This is essential for identifying who is behind the account and tracing where funds went. It is typically accompanied by a gagging order preventing the bank from alerting the account holder.
Bankers Trust order
Where funds have been moved onward, a Bankers Trust order compels the next bank in the chain to disclose details of the secondary accounts — critical when funds have passed through multiple mule accounts.
Default judgment and garnishee order
Fraudsters rarely defend proceedings. If the defendant fails to respond, you can obtain default judgment, then a garnishee order under Order 49 of the Rules of the High Court (Cap. 4A) directing the bank to pay the frozen funds to you.
Multi-Layered Fund Tracing
Funds in BEC cases rarely stay in the first receiving account. Fraudsters typically layer money through two to five mule accounts before withdrawing cash or remitting offshore. Recovery requires tracing through each layer:
- Freeze the first account via police report and/or Mareva injunction
- Norwich Pharmacal order against the first bank to identify where the money went
- Freeze the second-layer accounts and repeat as needed
Recovery is most likely when funds are caught at the first or second layer. Each additional layer increases cost and reduces the chance of full recovery.
Timeline and Costs
| Stage |
|---|
| Emergency police freeze |
| Mareva injunction (ex parte) |
| Norwich Pharmacal order |
| Tracing second/third-layer accounts |
| Default judgment (if undefended) |
| Garnishee order and payment out |
Total (undefended): several months from freeze to payment, depending on the complexity of the case.
For a straightforward case where funds are caught in one account, legal fees are typically HK$80,000–HK$200,000, plus court fees. Multi-layered tracing or contested proceedings increase costs substantially. “No win, no fee” is not permitted for litigation in Hong Kong, so discuss the cost-benefit with your solicitor before committing.
Working with Overseas Counsel
BEC is inherently cross-border. If your business is outside Hong Kong, your home solicitor can coordinate with your Hong Kong solicitor, report to local police, and pursue parallel proceedings in other jurisdictions. For service on an overseas defendant, your solicitor must obtain leave of court under Order 11 of the Rules of the High Court (Cap. 4A). You do not need to be physically in Hong Kong — proceedings can be managed entirely by your Hong Kong solicitor, with evidence provided by affidavit.
Prevention
While this article focuses on recovery, businesses should implement:
- Dual-authorisation for wire transfers above a set threshold
- Verbal verification of any banking detail changes, using a known phone number
- Multi-factor authentication on all corporate email accounts
- Staff training on BEC red flags: unusual urgency, secrecy requests, changed payment details, slight domain variations
- Payment cooling-off periods before processing new or changed instructions
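The spoofed-domain variant described under How Business Email Compromise Works, and the "slight domain variations" red flag in the list above, can also be checked automatically before a payment instruction is acted on. The following Python is an added example, not part of the original article; the allow-list, the table of confusable character pairs and the function names are assumptions chosen for illustration.

```python
# Added example: flag sender domains that imitate a trusted supplier domain.
# TRUSTED and CONFUSABLES are constructed sample values, not a complete list;
# internationalised (Unicode) look-alikes are out of scope here.
TRUSTED = {"yourcompanyhk.com"}
CONFUSABLES = [("rn", "m"), ("vv", "w"), ("cl", "d"), ("0", "o"), ("1", "l")]


def skeleton(domain):
    """Comparison form: lower-case, hyphens removed, look-alike pairs folded."""
    s = domain.lower().rstrip(".").replace("-", "")
    for fake, real in CONFUSABLES:
        s = s.replace(fake, real)
    return s


def edit_distance(a, b):
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # deletion
                           cur[j - 1] + 1,             # insertion
                           prev[j - 1] + (ca != cb)))  # substitution
        prev = cur
    return prev[-1]


def classify_sender(address, trusted=TRUSTED, max_distance=1):
    """Return ("trusted" | "lookalike" | "unknown", matched trusted domain)."""
    domain = address.rsplit("@", 1)[-1].lower().rstrip(".")
    if domain in trusted:
        return ("trusted", domain)
    for good in sorted(trusted):
        # The skeleton is applied to both sides so the comparison is symmetric.
        # Distance 0 means the domains differ only by hyphens or folded pairs;
        # distance 1 catches a single swapped, added or dropped character.
        if edit_distance(skeleton(domain), skeleton(good)) <= max_distance:
            return ("lookalike", good)
    return ("unknown", None)


if __name__ == "__main__":
    for sender in ("accounts@yourcompanyhk.com",    # genuine
                   "accounts@yourcompany-hk.com",   # added hyphen
                   "accounts@yourcornpanyhk.com",   # "rn" in place of "m"
                   "ap@example.org"):               # unrelated sender
        print(sender, classify_sender(sender))
```

A "lookalike" result is a reason to hold the payment and verify by phone on a known number, in line with the verbal verification control listed above.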
Frequently Asked Questions
How quickly do I need to act?
Within hours, not days. Contact your bank and the ADCC hotline (18222) immediately. Funds can be moved out of the first receiving account within hours of arrival.
My company is outside Hong Kong. Can I still recover?
Yes. Report to Hong Kong Police remotely, instruct a Hong Kong solicitor, and provide evidence by affidavit. Many BEC victims are companies in Europe, North America, or elsewhere in Asia with no prior connection to Hong Kong.
What if funds have already been moved onward?
Recovery is harder but not impossible. Norwich Pharmacal orders trace where funds went, and injunctions can be obtained against onward accounts. Partial recovery is often achievable if action is taken promptly.
Can the bank be held liable?
Generally no. Because the victim initiates the payment voluntarily, the bank processes a legitimate instruction on its face. Bank liability claims exist in limited circumstances but are difficult to establish.
Is BEC a criminal offence in Hong Kong?
Yes. BEC involves fraud (contrary to the Theft Ordinance (Cap. 210), section 16A), obtaining property by deception (section 17), and potentially money laundering under Cap. 455. Mule account holders can also face criminal liability. However, criminal prosecution and civil recovery are separate — you must pursue civil proceedings to get your money back.