I Just got this emal from this address HSBC [security@online.hsbc.co.uk]

(phishing I Think)
http://asdasd1.coconia.net/image.jpg

Dear Customer,

Our Technical Service department has recently updated our online banking software, and due to this upgrade we kindly ask you to follow the reference given below to confirm your online account details. Failure to confirm the online banking details will suspend you from accessing your banking online.



http://hsbc.co.uk/1/2/personal/pib-home (phishing URL removed)



At HSBC, we use industry standard security technology and practices, focusing on three key areas – privacy, technology and identification to safeguard your account from any unauthorised access. The administration asks you to accept our apologies for the inconvience caused and expresses gratitude for cooperation. If you have any queries about this please call our Online Helpdesk on 0845 600 2290. Lines are open from 8am to 10pm every day.



Yours faithfully,



HSBC Internet Banking Technical Support

--

Please do not reply to this email address as it is not monitored and we will be unable to respond.
For assistance, log in to your HSBC Online Bank account and choose the "Help" link on any page.

© HSBC Bank plc 2005


I have firewalls and AV setup

Clicked the link ie went to this site

http://www.arlingtoon.com/www.hsbc.co.uk/1/2/personal/pib-home/

doesn't look good to me will print off and take to bank on monday









Admin edit (Stuart C): Disabled phishing link.

Yes it's a hoax. Spammed back :woot:

I have told HSBC that Iwill not respond to emails sent to me they use my mobile text message to send me offers or the online message that can only be read once you have logged in.

Yup very fishy!!!!

Yup very fishy!!!! I agree its got to be a red herring.

its an obvious fake, if you hover over and click the link, it actually has a diffarent fake URL at the start.

its an obvious fake, if you hover over and click the link, it actually has a diffarent fake URL at the start.

Yeah they didn't go to a great deal of trouble to mask it's a fake!!

for those of you who want to be safe this toolbar will warn you of suspicious websites.

http://toolbar.netcraft.com/

I have disabled the phishing link.


As a piece of advice to the members in general. In my experience, if banks need you to do anything to your account (for any reason), they will ask you to go to their main website (and you would be advised to TYPE this, not click on it), or go into your local branch.

ebay and paypal are the same, apart from the obvious fact they don't have any local branches to go to.

ebay and paypal are the same, apart from the obvious fact they don't have any local branches to go to.

I can't tell you how many dodgy emails I've had from ebay or paypal asking for my login details. It gets really tiresome forwarding them on to the sites themselves. I wonder if they ever catch the spammers?

Yep had emails from every bank going, and i'm not even a customer. :shrug:

I can't tell you how many dodgy emails I've had from ebay or paypal asking for my login details. It gets really tiresome forwarding them on to the sites themselves. I wonder if they ever catch the spammers?

Well the host being discussed in this thread has now had their hosting suspended... so i guess that's a start :)

Excellent!

for all the paypal, ebay etc scams, fake banks etc there is always the lad-vampire and mugu-marauder if you don't mind wasting bandwidth... but that is mainly for 419 stuff ;)

I have a surefire way of stopping these emails.

If you'd like to know, PM me your sort code, account number, PIN number and a scan of your signature.

:)

I Just got this emal from this address HSBC [security@online.hsbc.co.uk]
Admin edit (Stuart C): Disabled phishing link.
Now that's where a good email client comes in VERY handy.

I use Eudora, and apart from the fact that it simply ignores the most basic attempts at attack simply because they're Outlook exploits, it also highlights any 'links' which differ in their destination from the displayed info.

So, despite the fact that the email may indeed appear to be 'from' your bank, it is quite easy then to see it's a phishing attack.

Another way to look at it is like this; no reputable financial institution would send an email like that - i.e. (to my knowledge, so far) no bank/CC company etc. has EVER sent emails to their customers suggesting they should follow a link to divulge sensitive account details.

So, when I get them, I simply laugh and delete!

You should have left the link in, so people can fill it with cr*p.

You should have left the link in, so people can fill it with cr*p.


The link I deleted is actually furthur down the post (but is clearly marked as a phising link), but the account has been disabled now.

You should have left the link in, so people can fill it with cr*p.


The link I deleted is actually furthur down the post (but is clearly marked as a phising link), but the account has been disabled now.
furry muff. ;)

furry muff. ;)


:rofl::D LOL!

I say that ALL the time i love it.

furry muff. ;)

Hmmmm that means something completely different to me, given the thread is about HSBC!! Hmmmmm

Can I just ask a really stupid question...


I clicked on the second link in the email (the one saying arlington or something) to see what it leads to. Then I just had a thought, was that a stupid thing to do? Have I compromised security or anything?:erm:

No not stupid at all Claire! I think everyone would have clicked to have a look! The only time you would comprise is if you put all your passwords/user id into the site.

Can I just ask a really stupid question...


I clicked on the second link in the email (the one saying arlington or something) to see what it leads to. Then I just had a thought, was that a stupid thing to do? Have I compromised security or anything?:erm:
No, I click them all the time but I do use ff.
__________________

furry muff. ;)


:rofl::D LOL!

I say that ALL the time i love it.
thought that was just a midlands thing :dozey:

Ok thanks, phew! Didn't know if they got IP addresses or something...

No not stupid at all Claire! I think everyone would have clicked to have a look! The only time you would comprise is if you put all your passwords/user id into the site.
as if, i just put a load of rubbish in. fill their records up with nonsense and they have to sift all the carp out from the genuine stuff making it more workload and potentially putting them off phishing. Well idealistically.

Ok thanks, phew! Didn't know if they got IP addresses or something...

They're just after bank details. Your IP isn't of great value to them folks!!
__________________

as if, i just put a load of rubbish in. fill their records up with nonsense and they have to sift all the carp out from the genuine stuff making it more workload and potentially putting them off phishing. Well idealistically.

LOL I have never thought of doing that, sound's like fun!! LMAO:tu:

Ok thanks, phew! Didn't know if they got IP addresses or something...
Yeah but an IP is totally useless if you have a firewall or on a proxy. ;)