HKBN Empowers SPOs with Free Phishing Email Assessment – Results showed 10% failure rate, nearly double the global benchmark for NGOs

HONG KONG, March 19, 2024 /PRNewswire/ — In response to the surge in phishing attacks over recent years, HKBN Group (HKBN) has collaborated with Green Radar, a leading cybersecurity and innovation technology company, to conduct free phishing email drills for ten social profit organisations (SPOs). This initiative aims to enhance SPO employees’ alertness, equipping them with the skills to effectively identify and mitigate the potential risks from suspicious phishing attempts.

HKBN conducted free phishing email drills for ten social profit organisations. This initiative aims to enhance SPO employees’ alertness of cybersecurity. (From left) Wilson Tang, HKBN Co-Owner and Chief Information Security Officer; Dr. Wan Lap Man, Executive Director of Hong Kong Playground Association; and Li Tin Lun, Administrative Head of Hong Kong Christian Service.

The phishing email assessment was conducted in February this year, simulating the most prevalent hacking tactics observed in recent years. Nearly 10,000 employees from ten participating SPOs were involved and received highly realistic phishing emails. These deceptive messages, offering “first-come-first-served” gift giveaways, lured recipients to click on embedded links and give up their personal information.

The result revealed that employees from all ten SPOs were vulnerable to the phishing emails. Notably, about one-tenth (10.7%) of the approximately 10,000 employees failed to identify the phishing emails, a figure that is nearly twice as high as the global average failure rate of 5.5%[1] for non-profit organisations. Alarmingly, 43.6% of those who failed also clicked on spam links and submitted sensitive personal information, including their names and email addresses. Overall, these findings underscore the need for heightened vigilance among Hong Kong’s SPO community regarding phishing emails.

Among the ten SPOs that participated in the assessment, four indicated that they had suffered losses due to phishing attacks, while eight acknowledged that their employees lacked adequate technical knowledge in cybersecurity. Although most SPOs have implemented cybersecurity measures internally, (for example, eight SPOs said they have an alert mechanism in place for cyberattacks, and seven SPOs had updated their cybersecurity measures in the past year), more than half of them (six SPOs) admitted that they had either not provided any cybersecurity awareness training or had only provided one session in the past year.

Wilson Tang, HKBN Co-Owner and Chief Information Security Officer said, “The rapid development of artificial intelligence has led to an upsurge in phishing attacks. The Hong Kong Computer Emergency Response Team Coordination Center (HKCERT) recorded the highest number of phishing incidents in five years last year[2], reflecting the urgent need for all sectors of society to enhance cybersecurity. SPOs serve the public and handle data from numerous stakeholders, the risks they are facing are definitely not lower than those of private enterprises. In our assessment, all participating SPOs fell victim to phishing. When just one employee opens a malicious email, he or she could fall into hackers’ traps, which can potentially lead to financial losses and other damaging outcomes.”

Li Tin Lun, Administrative Head of Hong Kong Christian Service said, “Cybersecurity is critically important, but most SPOs are often constrained by budgets as they prioritise resources on operations and community care. We are grateful to HKBN for stepping up its support through this programme, which will go a long way to enhancing cybersecurity awareness and know-how in the social sector. Furthermore, we would also like to call on the industry to allocate more resources to safeguarding the personal data and interests of different stakeholders.”

As part of its commitment to fostering digital inclusion, HKBN established the HKBN SPO IT Club in 2023, offering voluntary services such as cybersecurity and IT training to the community. For those who wish to receive more support in cybersecurity can register to join the HKBN SPO IT Club and receive free consultation services. HKBN Enterprise Solutions will be organising a complimentary seminar on phishing prevention and mitigation, scheduled for 15 April 2024. Click here for more details.

About HKBN Group

Headquartered in Hong Kong with operations spanning across Hong Kong, Macau and mainland China, HKBN Group is a leading integrated telecommunications and technology services provider. The Group provides a full range of one-stop, high-quality information and communication technology (ICT) solutions and an unlimited services portfolio. HKBN’s extensive tri-carrier fibre infrastructure covers over 2.55 million residential homes and 8,100 commercial buildings and facilities across Hong Kong. Committed to creating a lasting positive impact to wherever it operates, HKBN embraces a core purpose to “Make our Home a Better Place to Live” and has received a highest possible rating of AAA in MSCI’s 2022 ESG Ratings assessment in environment, society and governance. The Group is managed by hundreds of Co-Owners (supervisory and management level Talents in the Group) who invested their savings to buy shares of HKBN Ltd. (SEHK Stock Code: 1310). For more information about HKBN Group, please visit