HSBC Phishing Scam - You Have 1 New Security Message
[Previous Example] [Share This Page] [Back To The Main SHPAMEE Index] [Next Example]
VERY IMPORTANT INFORMATION, READ THIS FIRST: The example and associated information published on this page are subject to the SHPAMEE Terms Of Use. Please familiarise yourself with these terms before viewing or using any information on this page.
Header:
X-Apparently-To: x via 206.190.38.214; Mon, 07 Jul 2008 20:29:23 -0700
X-YahooFilteredBulk: 203.210.240.102
X-Originating-IP: [203.210.240.102]
Authentication-Results: mta134.mail.re1.yahoo.com from=hsbc.co.uk; domainkeys=neutral (no sig)
Received: from 203.210.240.102 (EHLO ptc.com.vn) (203.210.240.102)
by mta134.mail.re1.yahoo.com with SMTP; Mon, 07 Jul 2008 20:29:23 -0700
Received: from ptc.com.vn (ptc.com.vn [127.0.0.1])
by ptc.com.vn (8.13.1/8.13.1) with ESMTP id m683OVuQ019126
for <x>; Tue, 8 Jul 2008 10:24:31 +0700
Received: (from apache@localhost)
by ptc.com.vn (8.13.1/8.13.1/Submit) id m683OVGS019124;
Tue, 8 Jul 2008 10:24:31 +0700
Date: Tue, 8 Jul 2008 10:24:31 +0700
To: x
Subject: Alert! You Have 1 New Security Message
From: HSBC Bank Plc <alert@hsbc.co.uk>
MIME-Version: 1.0
Content-type: text/html; charset=iso-8859-1
Content-Transfer-encoding: 8bit
Reply-To: HSBC Bank Plc <alert@hsbc.co.uk>
X-Priority: 1
X-MSmail-Priority: High
X-Mailer: Microsoft Office Outlook, Build 11.0.5510
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1441
Content-Length: 746
X-YahooFilteredBulk: 203.210.240.102
X-Originating-IP: [203.210.240.102]
Authentication-Results: mta134.mail.re1.yahoo.com from=hsbc.co.uk; domainkeys=neutral (no sig)
Received: from 203.210.240.102 (EHLO ptc.com.vn) (203.210.240.102)
by mta134.mail.re1.yahoo.com with SMTP; Mon, 07 Jul 2008 20:29:23 -0700
Received: from ptc.com.vn (ptc.com.vn [127.0.0.1])
by ptc.com.vn (8.13.1/8.13.1) with ESMTP id m683OVuQ019126
for <x>; Tue, 8 Jul 2008 10:24:31 +0700
Received: (from apache@localhost)
by ptc.com.vn (8.13.1/8.13.1/Submit) id m683OVGS019124;
Tue, 8 Jul 2008 10:24:31 +0700
Date: Tue, 8 Jul 2008 10:24:31 +0700
To: x
Subject: Alert! You Have 1 New Security Message
From: HSBC Bank Plc <alert@hsbc.co.uk>
MIME-Version: 1.0
Content-type: text/html; charset=iso-8859-1
Content-Transfer-encoding: 8bit
Reply-To: HSBC Bank Plc <alert@hsbc.co.uk>
X-Priority: 1
X-MSmail-Priority: High
X-Mailer: Microsoft Office Outlook, Build 11.0.5510
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1441
Content-Length: 746
Body:
Dear Value Customer,
You have 1 new security message waiting in your Inbox Folder.
Click here to read
Best Regards.
HSBC Online Banking Security Department Team.
* Please do not reply to this email as your reply will not be received.
PS: To switch off email notifications of new messages, go to 'My Account' after you've logged in .
2008 HSBC | HSBC Online Banking. All Rights Reserved.
Comments:
Related Cyber Criminal Profiles:
No related profiles found.Similar Spam Examples:
Banking Phishing Scam - HSBC Customer Service MessageOrchard Bank Phishing Scam Account Alert Statement Available
Chase Online Banking Phishing Scam - You Have New Mail
Myspace Phishing Scam - Security updates
Bank of America Alert Account Has Insufficient Fund
Related Malware Samples:
No related malware samples found.[Previous Example] [Share This Page] [Back To The Main SHPAMEE Index] [Next Example]
It is already clear from the very first line, that this e-mail did not originate from HSBC.
Click here to read
Do you really think HSBC will go through all the trouble of sending an e-mail to tell you that there is some kind of new security message in your Inbox Folder? What Inbox Folder? This e-mail is not your normal request to update your personal information or to lift some kind of restriction placed on your account. No they want you to log onto your online banking account and read some kind of security message. Novice users may easily see this as a legitimate e-mail, because it doesn't contain the normal characteristics of a banking phishing scam. Most financial services providers will never send any kind of login request or a link to a login page via e-mail. The small number of banks who still do, need to catch a wakeup.
It doesn't take a rocket scientist to figure this one out.
The scammer's last attempt to claim a victim. If the victim didn't bite the story about the security alert (or wasn't bothered by it), perhaps he/she will have the desire to disable these alerts. If you really want to log onto you online banking account, never use the link supplied in the e-mail, visit the official HSBC website and use the log on option from there.
Did you notice that the e-mail appears to be pasted as a quotation (in Firefox only). We are not exactly sure if this was done intentional by the scammer or whether the e-mail became corrupted when it was reported to us. Either way, we believe that an organisation like HSBC will always make sure that their e-mails uphold a high level of professionalism, something that is obviously missing from this e-mail.