Browse archive

Latest news

CISOs need to engage with the board

Wi-Fi client security weaknesses still prevalent

Find TrueCrypt and BitLocker encrypted containers and images

Sourcefire goes beyond the sandbox

The CSO perspective on healthcare security and compliance

Jailed hacker designs device to thwart ATM card skimming

U.S. Congress has questions about Google Glass and privacy

Cyber espionage campaign uses professionally-made malware

Form-grabbing rootkit sold on underground forums

Large cyber espionage emanating from India

Over 45% of IT pros snitch on their colleagues

Thoughts on the need for anonymity

IT security jobs: What's in demand and how to meet it

Hacking charge stations for electric cars

HSBC customers under phishing attack

Posted on 12 April 2012.

Customers of HSBC, one of the largest banking and financial services organizations in the world, are currently being targeted with a fake warning of account suspension:

The email claims that someone tried to access the user's account and failed, and that the bank suspended the account in order to protect the customer.

Unfortunately, the offered link takes the victims to a phishing site made to look like the bank's legitimate Internet banking login page, where they are asked to input their user ID, name, date of birth, security number, sort code, account number and ATM PIN code in order to prove their identity.

Once the information is submitted by pressing on the "Continue" button, it is immediately sent to the phishers and the victims are redirected to the bank's legitimate page.

"This type of phishing scam is a very common criminal tactic," points out Hoax-Slayer.

"Be wary of any email purporting to be from your bank that claims you must click a link or open an attachment in order to supply private personal and financial details. Always login to your bank website by entering the address in your web browser rather than by clicking a link in an email. "