Email Fraud; Please confirm your bank accounts details?!?!

Dec 09, 2020

I remember back in the 90's I was able to memorise and remember over 100 telephone numbers of close friends and family members and never needed to search for a telephone number on my mobile or physical phone book. Times have changed now and we tend to memorise more passwords and account logon details for more platforms than we memorise telephone numbers of any kind.

In average we have roughly 10 login accounts for various platforms, suppliers and companies. Whether it’s your typical music application, Spotify, or your online Grocery shopping, or even your email account, we have an account for each one of these.

Some of us are rather smarter than the others and have different passwords for all accounts and some others, for the sake of convenience, have chosen the same password across all platforms which is not a good practice.

A good portion of these digital accounts contain personal information which are critical to be kept safe, such as your date of birth, answers to some of your security questions, bank account information, previous addresses etc. and on a regular basis they are required to be updated and requested quite frequently by the provider in order to keep your account secure, whether it be Spotify, G-mail or your online shopping grocery store.

The need to have your information updated on a regular basis has created a good opportunity for the fraudsters to imitate email messages or even phone calls that typically seem like that they have originated from the legitimate provider but are actually fraudulent ones which are intending to locate and retrieve information which you wouldn’t be handing out normally.

Here are 8 areas to look out for when you receive these email messages; (with examples)

1-Question the reason why you’ve received that email. Earlier today I received an email from HSBC Advising Service, I never knew that they actually have an ‘Advising Service’, and on the surface it’s looks all legit so far.

2-Review the original senders email address and ensure that it’s a legitimate one. So I opened up the email and noticed that the email address is bank@hsbci.co.uk – this is not a normal email address, especially since it’s coming from HSBCI, notice the letter ‘I’ at the end.

4-Before clicking on any link within the body of the email, hover over it and review the link? Do you recognize the link or does it perhaps point to a website which you’ve never visited?The screenshot below clearly shows that the destination link is certainly not an HSBC address and can contain malware or viruses, it’s best not to click on it and you should delete the email permanently. Here’s an example of an embedded link which on the surface seems to redirect you to the Google website but actually redirect you to BBC; click here to go to google.co.uk

5-Even if the email is genuine use the typical web links and account info you use to login to the portal to update your info rather than using the link that was provided within the email. In this instance, you can login to your HSBC account portal and review any instructions you are deemed to follow.

6-Ensure that your anti-virus program is fully up to date and scan any attachments prior to opening them up. Always ensure that you have an adequate antivirus program installed on your machines. Whether you are using a windows machines, Apple Mac or even linux you are required to have an anti virus program installed at all times.

7-Avoid forwarding the email message to anyone else. Forwarding the email to others, depending on the nature of the email can allow for the malware to spread even further.