Even though HSBC has market-leading fraud detection systems, we want you to be aware of the different ways criminals may try to steal your money.
Much has been made in the news media recently about the hazards of online hacking and data breaches, but what is seldom reported is how much simpler it is to "hack" people than computers. This process is called social engineering, and is far easier to do than one might think.
Social engineering exploits aspects of human nature - behaviours that come naturally to us. Key to social engineering is the manipulation of trust - gaining a target's trust and thereby getting them to disclose information that should be kept secure.
Scammers contact their targets, usually via telephone (vishing), text or email (phishing), purporting to be individuals in positions of trust, such as bank staff, representatives of telecoms or utility companies, or even the police. Having gained their target's trust, they then request sensitive information or items which allow them access to their target's bank accounts - things your bank would never request themselves, such as:
Customer Telephone Services (Please call this number in the first instance): 03457 404 404 or if overseas +44 1226 261 010
Textphone: 03457 125 563 or if overseas +44 1792 494 394
Security Reset Team (Please call this number if you suspect you may have divulged your security details): 345 600 2290
Lost or Stolen Cards: 0800 085 2401 or if overseas +44 1442 422 929
Fraudsters call out of the blue claiming that a fraud has already happened, or may be imminent. They may already have some information about you, and may pose as bank staff, the police and other officials or companies in a position of trust. The fraudster will then try to persuade you to:
In many cases, these cold callers will suggest you hang up the phone and call them back on another number. However, it is easy for them to keep the connection open and intercept the call, so all the information you think you're giving to your bank is actually going to them.
It's important to remember:
Criminals may already have some basic information about you (name, address, account details); don't assume a caller is genuine because they have these details or because they claim to represent a legitimate organisation.
Be wary of unsolicited emails that appear to be from your bank and contain links to websites urging you to provide confidential, personal or financial information. The emails may appear to come from a legitimate site and often warn that your account may be shut down unless you take some action. These emails are designed to steal your personal information and use it to access your accounts.
Do not reply to or, click on a link from any email that you are not sure is genuine. Instead contact the company, using an authenticated telephone number.
Phishing emails typically:
If you receive a suspicious-looking email purporting to be from HSBC, forward it to firstname.lastname@example.org, delete it and empty your deleted items.
Be wary of suspicious text messages sent by fraudsters that look like they have come from your bank to trick you into giving over your personal and financial information (by calling a number or clicking a link).
It's important to remember:
If you suspect a text is Smishing, please forward it to email@example.com
Some fraudsters will claim to be from your bank or Credit Card company and arrange for a courier to collect your card. They may also ask you to write down your PIN and hand it over as well. To add credibility the fraudster may even advise you to cut the card in half.
Please note that:
To ensure that we can get in touch if any suspicious activity seems to be taking place on your account, please provide HSBC with up to date contact details including a mobile telephone number.
Beware of cold calls offering too-good-to-be-true investment opportunities. Fraudsters are known to sell worthless, overpriced or even non-existent shares. These can take many forms, but there are some common factors you should look out for including:
Unfortunately, if it sounds too good to be true, it usually is.
Pension liberation involves transferring pension funds from an existing scheme to a new one, to allow early access to benefits before the legal age of 55. Fraudsters typically target people under financial pressure and will sometimes claim that they can unlock some or all of their pension fund for a fee, which can be very high and may result in serious tax consequences. Be alert to offers like this and if in doubt seek advice from registered pension providers.