Debunking email hoaxes and exposing Internet scams since 2003!

Hoax-Slayer Logo Hoax-Slayer Logo

DividerDivider
Home    About    New Articles    RSS Feed    Subscriptions    Contact
DividerDivider
Bookmark and Share









HSBC 'Password Entered Incorrectly' Phishing Scam

Outline
Email purporting to be from UK based banking group HSBC claims that the recipient's account has been suspended because the Internet Banking Password was entered incorrectly three times. The message instructs recipients to click a link to restore account access.



Brief Analysis
The email is not from HSBC and the claim that the recipient's HSBC account has been suspended is untrue. In fact, the message is a phishing scam designed to steal banking details via a bogus website.

Bookmark and Share
Detailed analysis and references below example.





Last updated: 12th April 2012
First published: 12th April 2012
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer


Example
Subject: New e-mail message: [ 11 April 2012 ]

Dear [user email address removed],
Your Internet Banking Password was entered incorrectly 3 times.
For the protection of your account we have suspended access to it.
To restore access please Log on correctly.

Previous notifications have been sent.

Thank you for choosing Uk HSBC Plc .
Copyright HSBC Plc. 2012. All rights reserved.

HSBS Phishing Scam Email




Detailed Analysis
This email, which purports to be from large UK financial entity HSBC, claims that the recipient's account has been suspended for security reasons because his or her Internet banking password was entered incorrectly three times. According to the message, the account holder must click a link to correctly login to the banking website in order to restore account access.

However, the email is not from HSBC and the claim that the account has been suspended is a lie. The message is a phishing scam designed to trick the recipient into divulging his or her banking details to cybercriminals. If a user falls for the ruse and clicks the link in the message, he or she will be taken to a bogus webpage designed to look like the genuine HSBC website and asked to provide a user ID:

Bogus HSBC login page


After entering the User ID, the victim will be taken to a second bogus webpage that asks for name, date of birth and account details:

Bogus HSBC account details form


All of the information entered into the bogus forms can be harvested by the criminals behind the phishing attack. Once they have collected this information, the scammers can gain access to the victim's real HSBC account, lock out the legitimate account holder and use the account to make fraudulent transactions and transfers. After the victim clicks the "Continue" button on the final fake form, he or she will be automatically redirected to the genuine HSBC website and may therefore not realize that the account has been compromised and is about to be hijacked.

This type of phishing scam is a very common criminal tactic. Be wary of any email purporting to be from your bank that claims you must click a link or open an attachment in order to supply private personal and financial details. Always login to your bank website by entering the address in your web browser rather than by clicking a link in an email.

Bookmark and Share References
Phishing Scams - Anti-Phishing Information

Last updated: 12th April 2012
First published: 12th April 2012
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer