Monday, July 17, 2017

[Warning] HSBC Phishing Website

This morning, I received an SMS message which stated that my account had been locked up and asked me to login to verify with a given link (http://activation-hsbc.com/cgi).

I inspected the "login" page and found that it would redirect you to your real local HSBC Personal eBanking Login page. However, your credentials would be logged by javascript and you would be redirected to Deep Web (or Dark Web) where all your real ebanking transaction sessions would be hijacked.

The phishing website domain was registered yesterday and the data show that it is from Russia (may be fake). The IP address of the server is 185.151.245.43. The URL http://185.151.245.43/cgi will show the same content.

I think that it may be a global HSBC phishing website. Beware!

That's all! See you.


(Update) After 4 hours of the reporting : I got the following confirmation email from HSBC :

Dear Customer

Thank you for your e-mail of 17 July regarding an SMS you received claiming to be from HSBC.

We confirm that the SMS in question is NOT genuine HSBC message. We have reported this matter to our relevant department for their attention and necessary action.

To safeguard your interests, please do not reply or click the link inside the SMS. Please delete the SMS immediately.

Thank you once again for taking the time to bring your concern to our attention. We are pleased to be of service.

Yours faithfully


Cxxxxxxa Wong
Senior Customer Support Officer
Retail Banking and Wealth Management

The Hongkong and Shanghai Banking Corporation Limited