The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public in Hong Kong to e-mails purporting to be sent from the Hongkong and Shanghai Banking Corporation Limited (HSBC). The e-mails invite customers to use an embedded hyperlink (for example, "http://commercial.hsbc.hk.verification.online-services-2whgr964x.serversecuriryupd.com/securities-services.htm?/launchpad/LOGIN=s3x4la2o") to connect to a fraudulent website, where a malicious programme is embedded. The fraudulent website looks similar to HSBC's Business Internet Banking logon webpage. HSBC has issued a press release today (Tuesday) to clarify that the bank has not sent these e-mails to its customers and has no connection with the fraudulent website.
HSBC has already reported the case to the Hong Kong Police Force for investigation. Anyone who has provided his or her personal information to the website, or has conducted any financial transactions through the website should contact HSBC at 2748 8288 for Business Internet Banking users or 2233 3000 for Personal Internet Banking customers and any local Police Station or the Commercial Crime Bureau of the Hong Kong Police Force at 2860 5012.
Members of the public should be alert to the possibility of similar fraudulent emails and should always exercise care in giving out personal or account information.
For further enquiries, please contact:
Thomas Chan, Communications Chief, at 2878 1480 or
Peggy Lo, Manager (Communications), at 2878 1687
Hong Kong Monetary Authority
17 February 2009