HSBC scam using their actual website!

edfraser11

Warning to all HSBC users. When I login using internet explorer to the main hsbc . co . uk website, I am asked to enter my IB number, password and key code number as normal.

Then I am taken to the following page which is obviously a fishing scam! I can't believe someone has hacked the main hsbc.co.uk page, but I have tried it a few times and it's definitely for real.

The page has a bunch of fields asking for:

- Debit Card Number
- Expiry date
- 3 digit security code
- ATM PIN
- Mother's maiden name
- DOB
- Account number
- Sort code
- Full name
- Address
- Mobile phone number
- Landline number
- Telephone banking PIN

There is no way this is a legitimate HSBC page. I called the customer services guy over a week ago, but the page is still there (obviously the guy in the call centre didn't care very much!).

This seems like a sophisticated fishing scam - beware!

Could be a virus on my local PC, but I have a solid virus checker so I doubt it - problem seems to be with someone hijacking their website.

CKhalvashi

Just dug my car keys out the bottom of OH's bag and I'm not having the same issue.

Try running a full security check (Avast is free), plus Malwarebytes to see if you have anything.

CK

Ifts

Just logged in and all seems to be working fine for me.

OP - As suggested try a virus or malware check.
Or you could try logging on to your HSBC online banking from a different computer if you can just in case yours does have a virus, that way you can eliminate it.

gt94sss2

edfraser11 wrote: »

This seems like a sophisticated fishing scam - beware!

Could be a virus on my local PC, but I have a solid virus checker so I doubt it - problem seems to be with someone hijacking their website.

Its definately a problem with your PC - not the HSBC website itself

As others have suggested try running some other software on it to check/remove malware.

Regards
Sunil

withabix

You have downloaded a malware file which diverts your URLs when they are for HSBC.

What security software are you running and have you clicked on any links in emails which appear to be from HSBC?

opinions4u

edfraser11 wrote: »

Could be a virus on my local PC, but I have a solid virus checker so I doubt it - problem seems to be with someone hijacking their website.

It is a virus on your PC. Get your passwords changed on another PC and get rid of the nasties on your main PC.

The free Malware Bytes version may sort you out for not.

MoneySaverLog

Agree it's malware, logged into HSBC this morning. None of this appeared :-)

Jim431

Sounds like a form of Internet threat related to man-in-the-middle (MITM), which is a proxy Trojan horse that infects a web browser by taking the advantage of vulnerabilities in browser security to modify web pages

https://en.wikipedia.org/wiki/Man-in-the-browser


If you are running Microsoft Operating system then Download the Microsoft Safety Scanner. A Free online tool for PC health and safety

http://www.microsoft.com/security/scanner/en-gb/default.aspx

Make sure you update your web browser to the latest version.

Use MalwareBytes (as already suggested) or Windows Defender with the latest updates.

Don't use the computer for any logins until it is cleaned.

Change any passwords that may have been compromised using another computer (as already suggested).

Maybe advise the service providers concerned to protect yourselve if fraud is already in progress.

Let us know what you find and how you fixed it.

SliAbhaile

edfraser11 wrote: »

When I login using internet explorer

I think I've identified your problem.

Jim431

Been doing some reading to see what the latest methods are for defeating these types of attack.

Seems like the easiest method is to use a portable Browser stored within a personal folder on your hard drive.
You use the portable browser for Banking and your normal browser for everything else.
This will be very difficult for attacker software to find if your computer gets infected.
It's not a perfect solution but it is better.

eg: use Firefox Portable from http://www.portableapps.com/

You MUST use a TRUSTED download site (which portableapps is) and keep the browser up to date.
Internet Explorer isn't available as a portable and Firefox is probably more secure anyway.

Details here...

http://blogs.computerworld.com/19692/online_banking_what_the_bbc_missed_and_a_safety_suggestion

The weakness of this method is that if the trusted site distributes an infected copy of the browser then you are worse off than before.

I don't know if this has ever happened to portableapps but it would kill their reputation forever so I would expect that they are very careful to avoid such problems.

MoneySaverLog

Just keep your antivirus and firewall up to date, run weekly scans and do the customary windows updates every week.

Don't click on any dodgy links in spam emails and only download updates to browsers from the trusted website.

Also worth getting trusteer rapport installed.