The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public in Hong Kong to an e-mail purporting to be sent from The Hongkong and Shanghai Banking Corporation Limited (HSBC). The e-mail requests customers to use an embedded hyperlink (for example, " business.hsbc.com/sys_directory/isa/file.aspx?session=228072037356942815405911623153569627471517767588399355&id=4778134 ") to connect to a fraudulent website and verify their account information by entering their Internet banking account's user name and password. The fraudulent website looks similar to the bank's Internet banking logon webpage. HSBC has clarified that it has not sent these e-mails to its customers and has no connection with the fraudulent website. In addition, HSBC does not have the policy of sending e-mails asking its customers to provide their passwords or verify their account information online.
HSBC has already reported the case to the Hong Kong Police Force for investigation. Anyone who has provided his or her personal information to the website, or has conducted any financial transactions through the website should contact HSBC at 2748 3322 and any local Police Station or the Commercial Crime Bureau of the Hong Kong Police Force at 2860 5012.
"Members of the public are reminded not to access their Internet banking accounts through hyperlinks embedded in e-mails, Internet search engines or suspicious pop-up windows. Instead, they should access their Internet banking accounts by typing the website addresses at the address bar of the browser, or by bookmarking the genuine website and using that for access. If in doubt, they should contact their banks," said an HKMA spokesperson.
For further enquiries, please contact:
Thomas Chan, Senior Manager (Press), at 2878 1480 or
Hing-fung Wong, Manager (Press), at 2878 1802
Hong Kong Monetary Authority
25 March 2008