11 September 2024

HSBC warns against phishing email

The Hongkong and Shanghai Banking Corporation Limited would like to alert its customers to phishing emails purported to be from HSBC.

The phishing emails claim that customers have successfully activated the mobile security key and suggest customers to open the newly set up HSBC HK App on a specific device. The emails also provide a list of numbers for customers to call for details.

Below are the screen captures and email address of the phishing emails:

Phishing email address

HSBC <kaby@ecoethabitation.com>

Screen captures of the phishing emails




HSBC reminds customers that it has no connection to the phishing email. Customers should not reply, contact the sender, or open any links in the email. Similar phishing attempts may recur. HSBC reiterates that it will not send SMS or email messages with embedded links which direct customers to HSBC’s websites or mobile apps for account login, banking transactions, or submitting sensitive personal information and credit card details.

Customers are reminded to ensure they are connected to a valid HSBC site. The Bank’s Hong Kong domain is http://www.hsbc.com.hk. Customers should access banking services by typing this address into the browser search bar.

If customers are concerned, they should call the HSBC Personal Customer service hotline at 2233 3000 and report to the Police. “Scameter”, the government’s scam and pitfall search engine, is also available to help identify potential frauds.

Note to editors:

The Hongkong and Shanghai Banking Corporation Limited

The Hongkong and Shanghai Banking Corporation Limited is the founding member of the HSBC Group. HSBC serves customers worldwide from offices in 60 countries and territories. With assets of US$2,975bn at 30 June 2024, HSBC is one of the world’s largest banking and financial services organisations.


HSBC warns against phishing email (2-pages PDF 115 KB)