Fraudulent supplier requests

It's a good idea to be wary of any requests from your suppliers (via e-mail, phone, letter or otherwise) to change their banking details. Whilst these can be genuine requests, it may also be an attempt to divert payment funds to a fraudulent account.

Increasingly fraudsters are disguising themselves as legitimate suppliers and asking unsuspecting customers to change their bank account information. As a precaution, if you get such a request, always take the extra step of checking directly with your suppliers.

You can do this by:

  • Calling a trusted source in your supplier’s company on a known phone number (not one listed on the document requesting the change of bank details).

  • E-mailing your supplier on a known e-mail address; do not respond to the e-mail address which sent you the change of bank details.

In some cases, the fraudulent request to change supplier information or make a payment to an unfamiliar account supposedly comes from your own organisation's CEO, President or other administrator. When reviewing any type of payment instructions from an internal source, ensure the request uses your organisation's official channels and follows authorised processes and procedures.

If in doubt, do not make the payment.

Courier scams

Rather than telling you to destroy your card, fraudsters are arranging for a courier to come round to your house to collect the card. They will also ask you to write down your PIN and hand it to the courier. To add credibility the fraudster may even advise you to cut the card in half.

Please note that:

  • We will NEVER ask for your card and PIN to be returned, via courier.

  • You should NEVER divulge your PIN to anyone, even someone claiming to work for the bank.

  • HSBC’s fraud detection teams will only ask for partial information, so for example, they will never ask for full address or full date of birth.

To ensure that we can make prompt contact should anything look untoward on your account, please provide HSBC with up-to-date contact details including a mobile telephone number.


Call spoofing is a technique where by the fraudster fakes the phone number on caller ID to give the impression that you are being contacted by a genuine HSBC number. The phone number showing on your mobile/call ID screen will look very similar to a bank phone number but may have extra zeros at the front, eg 00845 70 70 70 rather than 0845 70 70 70.

Customers who may be wary of unsolicited calls are told by the fraudster to check the caller ID screen for re-assurance that the call is genuine. The fraudster then advises the customer that their account has been compromised, often claiming that payments have already debited or that funds are at risk. The fraudster then instructs the customer to transfer money into a “safe” account to protect their funds from further attack. The fraudster may allege bank staff are involved or that the customer will lose their money if they do not do exactly as instructed.

As with all unsolicited phone calls we advise customers to terminate the call and contact the bank either on a different phone line or after waiting 10 minutes to ensure the line is properly disconnected. Alternatively visit a branch to discuss your concerns and confirm if the call was genuine.


This involves a fraudster making phone calls to a victim, posing as bank staff, the fraud investigation team, police etc. The call is made to obtain personal financial information, which often includes credit/debit card details (including PIN), bank account details and personal information such as full name, date of birth and/or address. This information is then used to gain access to their victim`s finances.

Investment or share sale (boiler room) fraud

Boiler room fraud is the common name for illegal and/or aggressive mis-selling of worthless, bogus or vastly overpriced stocks and shares or those traded in very limited volumes/markets. The sole purpose of the exercise is to defraud unwitting investors. If the victim does decide to deal with a share sale fraudster, they will almost certainly lose any money invested and will not be entitled to compensation.

These scams can come in many forms however there are a number of common factors you should look out for. These include:

  • Unsolicited approaches

  • Unrealistically high returns offered for “low risk” investments

  • No independent evidence of the validity of the scheme

  • Pressure to make quick decisions

  • Instructions to keep the approach confidential

  • Telephone numbers quoted are often untraceable mobiles

If it sounds too good to be true – it usually is.

Advance fee or ‘419 fraud’

This involves unsolicited letters and e-mail messages offering the recipient a generous reward for helping to move large sums of money, usually in US dollars. These funds are said to be anything from corporate profits, accumulated bribes or unspent government funds to unclaimed money belonging to a deceased person. The fraudsters are trying to obtain your banking details. The transactions typically require the recipient of the letter or e-mail message to pay something like a fee/tax/bribe to complete the deal – this is the advance fee. However, any fees paid will be lost.

Lottery fraud

This involves letters or e-mail messages which advise the recipient that they have won a prize in a lottery. To obtain the funds, they are asked to respond to the letter or e-mail message. A request will then be made for the recipient to provide his bank account details to allow for funds to be transferred. The recipient may also be asked to pay a handling/processing fee. If paid, this fee will be lost. Also, any details given will probably be used to commit further fraud.

Keystroke capturing/logging

Anything you type on a computer can be captured and stored. This can be done using a hardware device attached to your computer or by software running almost invisibly on the machine. Keystroke logging is often used by fraudsters to capture personal details including passwords. Some recent viruses are even capable of installing such software without the user's knowledge.

The risk of encountering keystroke logging is greater on computers shared by a number of users, such as those in internet cafes. An up-to-date anti-virus software program and firewall will help remove the harmful software before it can be used.


Pharming is when a fraudster creates false websites in the hope that people will visit them by mistake. People can sometimes do this by mistyping a website address–or sometimes a fraudster can redirect traffic from a genuine website to their own. The 'pharmer' will then try to obtain your personal details when you enter them into the false website.