bodyType

customContents

entityId

entityUuid

articlePageQuery

filter

article

articleBaseAdvertisingInfoArticle

articleListArticle

articleSeoArticle

helpersCheckIsPostiesArticle

hooksArticleAcknowledgementGateOverlayArticle

hooksTrackPageViewArticle

hooksContentInterestArticle

articleLinkingDataContent

hooksAmpRedirectArticle

articleSchemaContent

liveArticle

advertZone

sentiment

contentLock

topics

types

sections

paywallTypes

createdDate

publishedDate

moreOnThisArticles

urlAlias

commentCount

authorLocations

authors

corrections

sponsorType

displaySlideShow

multimediaEmbed

printHeadline

seriesContainer

socialHeadline

headline

flag

firstTopic

glossary

flattenTypeIds

additionalInfoBoxes

quizIds

images

image

relatedLinks

relatedNewsletters

__typename

sponsor

pdfFiles

seriesReverseOrder

series

disableOffPlatformContent

published

updatedDate

summary

subHeadline

body

keywords

readingTime

customTimezone

liveContents

Chris Oliver

HSBC customers have been targeted in the latest  e-mail banking scam discovered in Hong Kong.

It directs customers to verify their account details by clicking through a hyperlink to a bogus website that mimics the bank's own site.

The e-mail recipients are asked to log on to take part in an anti-fraud investigation - a con similar to one that targeted Citibank customers in January.

The Hong Kong Monetary Authority issued a warning to bank customers yesterday, saying the bogus web page 'looks very similar' to the real one. The address  of the page is www.ebank.hsbc.com.hk/servlet/onlinehsbc.

The earlier e-mail purporting to be from Citibank told account holders that the bank had to block some accounts in its system 'connected with money laundering, credit card fraud, terrorism and check [cheque] fraud activity'.

HSBC spokesman Gareth Hewett said the bank would never  ask customers to confirm personal information via e-mail for its internet banking, phone banking or ATM services.

He said those clients who bank online should never follow a link within an e-mail to start an internet banking session.

'We do not send out e-mail of that sort and customers should not click through,' he said.

However, when responding to a personal inquiry, the bank may request some personal information from clients over its private internet banking platform.

Adding to the appearance of authenticity, the bogus website sports a banner in bold red type warning customers 'not to access their Internet Banking accounts through hyperlinks embedded in e-mails'.

Click on the warning banner and it automatically redirects to an online security page offering additional advice on 'E-mail Security and Spoof Websites' - a  replica of the security page on HSBC's website.

While HSBC has reported the case to the police,  it is not known if anyone has lost money  in the scam.

The HKMA advised individuals who bank online to practice good security protocol. 'They should access their internet banking accounts by keying in the website addresses at the address bar of the browser, or bookmark the genuine website and use that function to access their internet  accounts.'



Bogus website targeting HSBC's customers