December 22, 2015 by

Phishing Scam Targets HSBC Customers

Security researchers have discovered a phishing scam targeting HSBC bank customers via phony emails.

Security researchers from MalwareBytes have discovered a new phishing campaign wherein a scam email is sent to customers of HSBC, letting them know that their account is locked. The message is concerning to anyone who falls for the scam and the reminder of the scam email includes a form for the unsuspecting user to fill in his or her bank information.

The message reads:

Dear customer,

Your account is currently locked!

We locked your account because we need to draw your attention to the fact that you didn’t complete our security online form for the year 2015.

This form expires today and we need you to finish the process right away.

HSBC is among the largest banks in the world, and the second largest in the United Kingdom, making it a ripe target for a malicious hacker.

The ‘form’ includes fields wherein the customer is requested to enter card numbers, the card’s expiration details and verification code, predictably. The form even asks for the card’s ATM PIN, which should be plenty to tip off most alert users. However, a few customers are likely to fall for the scam, those who aren’t aware of the fact that banks would never contact their customers in such a manner.

When the information is filled, the customer is notified with a message that reads:

We’ll get back to you in 24 hours.

This particular scam is merely one of many plaguing HSBC customers these days and it is always recommended that you wield caution whenever you receive a banking-related email.

An excerpt from Malwarebytes’ blog read:

Scammers are always looking for a way to grab some fast cash, and regardless of whether they approach you by email, SMS or phonecall, a generous helping of caution will work wonders where holding on to your card details is concerned.

If you are a HSBC customer and have received a similar email or are curious about how phishing scams work along with the ways to insulate yourself from being the prey to cybercriminals, this page from HSBC will certainly help.


About the author

Image of Author

LIFARS is the global leader in Digital Forensics and Cyber Resiliency Services. Our experience spans two decades working on high profile events, often in concert with Law Enforcement Agencies around the world. Our proprietary methodology derives directly and indirectly from our experience working with and for U.S. Intelligence Agencies, Interpol, Europol, and NATO. We are solely dedicated to Cyber Resiliency and thus pay close attention to all aspects of our clients’ engagements experience while providing a strategic and integrated array of services to minimum risk and disruption while protecting your brand.

Related articles

Expedia’s Orbitz: 880,000 Payment Cards Struck by Data Breach

Orbitz, a subsidiary of online travel giant Expedia has revealed a data breach wherein hackers may...

Read more arrow_forward

Data Theft and Departing Employees – Why it Matters (Part 2)

In this article, LIFARS outlines the best practices toward protecting your organization from data...

Read more arrow_forward

SEC Publishes Guidance on Cybersecurity Breach Disclosures

In the aftermath of the sweeping, infamous breach of Equifax, the SEC has now provided additional...

Read more arrow_forward