Phishing Texts Target HSBC Bank Customers

As the Christmas vacation flavor begins, a new phishing attack shows that scammers are not the kind to take days off. The latest entrada targets holders of accounts with the Us subsidiary of United kingdom of great britain and northern ireland'due south HSBC banking company, and pushes them to call fraudulent phone numbers or visit a website that aims to have all of their credit-card information.

Image: pixinoo / Shutterstock — Paradigm: pixinoo / Shutterstock

Customers are coerced into handing over their carte du jour data by letters that claim the customers' accounts have been suspended and that they need to verify their identities online. Security firm Malwarebytes presumes that the campaign is based on email attacks, only other reports betoken that similar scam attempts are arriving via text bulletin.

More: vii Easy Means to Get Your Identity Stolen

Users who visit the fraudulent website, which uses the domain hsbc-message.com instead of the legitimate united states of america.hsbc.com, are told that they "didn't consummate our security online class for the yr 2015." After the user clicks a Keep button, he or she is then asked to fill in the relevant credit- or debit-card number, expiration date, card verification code and ATM Pivot, all of which hands complete command of the carte du jour to whomever runs this folio.

Recipients of similar phishing attacks take taken to Twitter to show examples of phony messages. I user received a text bulletin that referenced the scams taking place and read: "Due to the contempo phishing activity H.S.B.C decided to temporarily block cards starting with 544368XX and 532561XX. For reactivation CALL At present," and and then lists a number with a 646 area lawmaking.

A Tom's Guide staffer without an HSBC account received a similar text message, which claimed to be providing a security alert from HSBC that pointed the recipient to automatizarx4duros[.]com.

HSBC is warning customers who log into the visitor's website, or telephone call its customer-service line, of the phishing texts.

Our advice to HSBC customers — and to all depository financial institution customers, since such attacks aren't unique to HSBC — is to never follow any links, and to never call phone numbers, that purport to exist from a bank but are sent via unsolicited email or text messages. Instead, you should call only the telephone number on the back of your banking card.

10 Worst Data Breaches of All Fourth dimension
Best Antivirus Protection for PC, Mac and Android
Mobile Security Guide: Everything You lot Need to Know

Henry is a senior editor at Tom's Guide roofing streaming media, laptops and all things Apple tree, reviewing devices and services for the past six-plus years. Prior to joining Tom's Guide, he reviewed software and hardware for TechRadar Pro, and interviewed artists for Patek Philippe International Magazine. He'south likewise covered the wild world of professional wrestling for Cageside Seats, interviewing athletes and other manufacture veterans.