Jumping on HSBC security concerns bandwagon

november

I've just received the following email

Dear valued member ,

We are glad to inform you that our bank has a new security system. The updated technology will insure the security of your payments trough our bank. Hoping you'll understand that we are doing this for your own safety, we suggest you to renew your account .

Once you have renew your records, your session will not be interrupted and will continue as normal.

To renew your HSBC Bank PLC. account information click on the following link:

https://www.hsbc.co.uk/1/2/personal/pib-home


Note: If we do not receive the appropriate account verification within 48 hours, the account will be suspended. The purpose of this verification is to ensure that your bank account has not been fraudulently used and to combat the fraud from our community .


Best Regards ,

J. S. Smith
Security Advisor
HSBC Bank PLC.

The link address is pretty good but they seem to want me to trough the bank rather than go through it. Plus suspend my account if I don't reply within 48 hours? From a Sunday? I don't think so

Stonk

It's amazing. I've seen a lot of scam email, but I've never yet seen one that was written properly (spelling, grammar, sense, logic).

On the other hand, every email I receive that really is from a bank is properly written.

Have I discovered a new and innovative way of detecting scams?

djl

november wrote:

I've just received the following email



The link address is pretty good but they seem to want me to trough the bank rather than go through it. Plus suspend my account if I don't reply within 48 hours? From a Sunday? I don't think so

its a con i keep getting hsbc emails and i don`t even have a account with them

Astaroth

Is that the actual link?

Most of these types will have the html along the lines of <a href="www.scammersRus.com">www.hsbc.co.uk</a>

Therefore in the text you see https://www.hsbc.co.uk as the link but if you actually click it will go to https://www.scammersrus.com - often also using popup windows to mask the actual URL you are at

Heinz

As you say, the spelling and grammar are the real giveaways.

I'd stake a few quid on this being Nigerian in origin because, without giving the originator any tips, I think we've all spotted the two spelling mistakes and the superfluous definitive article in the second sentence of the first paragraph.

OTOH, does anyone still click on a link in an e-mail these days? I sometimes hover over them and check where a link'll take me - but I NEVER click.

Astaroth

I have clicked on them in the past but simply to see the site it brings up - if there are variables at the end of the URL then I will normally just copy the domain/ file address (minus the querystring) and paste it into the browser.

Have to say a few have been fairly careful with the reproduction and a few tricks to lul you into a false sense of security but there have been some that are so badly done that it is outstanding that anyone falls for it (eg company name spelt wrong/ wrong colours in the large logo on the page)

november

Astaroth wrote:

Is that the actual link?

Most of these types will have the html along the lines of <a href="www.scammersRus.com">www.hsbc.co.uk</a>

I haven't a clue. Its the link as it appeared in the text in the email. I didn't click on it. I'm not that curious on a 'just in case' basis.

I can verify that my account definately is still working without any help from Nigeria or wherever

JamesUK_3

I had one or two of these at work once, one was from "Barclays" and one i beleive from "Halifax".

OBVIOUSLY i didnt beleive them but I was bored so i had a look at the page they took me to and found if you changed the subdirectory /a/ or /b/ or /c/ there was a whole host of different looking web pages for different banks.