Self Help Guide: Non-Information Security Incidents

HKCERT responds quickly and efficiently to information security incidents reported to us. Here are some examples:

• Email with suspicious link and attachment. (Phishing site and Malware.)
• Scam email deceiving you to transfer money.
• Computer infected with malware (e.g. virus, trojan, spyware etc.).
• Company website defaced (e.g. replaced with some unknown image/content).
• Company website service disrupted due to attack (e.g. vulnerability scanning, DDoS etc.).

There are also some IT related, but non-information security incidents, for example:

• Receiving advertisement of some unknown shops through email/SMS.
• Somebody copy the content of your website for business purposes without your permission.
• You suspected that some organization did not properly handle your personal information.

It is important for you to contact the appropriate parties when you encounter non-information security related incident, so that the incident can be handled promptly.

The following are some of the organizations/authorities which you may find helpful for non-security incidents:

• Unsolicited electronic message:
  • Launch complaint to OFCA: Unsolicited Electronic Messages Report Form
  • OFCA - Unsolicited Electronic Messages Ordinance
  • InfoSec - Protecting against Spam Emails
  • Hong Kong Internet Service Provider Association - Anti-Spam
• Copyright and intellectual property:
  • Customs and Excise Department
  • Intellectual Property Department
• Privacy issues:
  • Office of the Privacy Commissioner for Personal Data
• Inappropriate or illegal content:
  • Report to the content provider or police.