No matter how friendly or unassuming an anonymous email or SMS seems, it may come from a person who is trying to get your account details for the wrong reasons. 'Phishing' is not only unsafe for your money, but it can lead to identity theft and various other cyber-crimes.
What is phishing?
Phishing involves fraudsters using methods such as sending e-mails that request recipients to update or verify their personal and financial information such as date of birth, online login information, account details, credit card numbers, PINs etc. Usually, these e-mails claim to come from a legitimate organisation such as a bank or an online retailer.
The e-mail may contain a link that takes you to a website that looks identical (or very similar) to the organisation's genuine site. Fraudsters can then capture personal data like passwords as you type it in or download malware onto your computer.
Protect yourself against Phishing
HSBC do not send unsolicited e-mail messages asking their customers to update or verify their personal details, Personal Internet Banking login or security details such as Secure Key passwords/values. Links within emails from HSBC will only take you to information pages on our websites.
To verify that the session is secure, make sure that the URL address line is highlighted in green and includes "https" instead of "http", as per the below:
If you are in doubt about the legitimacy of the e-mail, or if you think that you have been a victim of a phishing scam, please forward any suspicious emails to email@example.com
You should be careful to use the normal method you use to contact HSBC, rather than use any suggestions included in, or by responding to, a suspicious e-mail.
Thank you for banking with HSBC.