This was reported by Help Net Security, which also shared the screenshot below:
|Credits to Help Net Security|
Customers received an email that purported that someone has tried to access the user's account and failed, and the bank suspended the account in the interest of customer security.
However, the link listed in the email takes the victim to a phishing site made to look like HSBC's secure login page. Customers were then asked to input their personal account information, which included their user ID, name, date of birth, security number, account number and ATM pin to rpove their identity.
After the information was submitted, customers were redirected to the bank's legitimate page. However, by this time, the information was simultaneously sent to the phisher.
Key Indications of a Secure Website
For customers, protect yourself by looking out for a few key signs in your address bar:
|Image from GMO GlobalSign|
The standard HTTP is changed to HTTPS, automatically telling the browser that the connection between the server and browser must be secured using SSL.
When visitors click on the padlock, a window will appear confirming the Certificate Authority and the details of the website owner, helping visitors verify that the website is really the company it claims to be.
Protect yourself with EV SSL
As phishing attacks continue to increase, any company providing customers with an account / login is a potential phishing target. EV SSL helps protect your customers at the point of logging in by assuring them they’re on the real site and not a phishing site.
Elevate your site image
It doesn’t have to just be major brands that benefit from EV SSL. Sites using EV SSL not only protect their brand but increase the level of trust and confidence that they’re a legitimate entity. And if visitors trust your web site is authentic, they’re more likely to have the confidence to buy from you. Using EV SSL helps even relatively small sites compete on a level playing field to larger, more established brands.
We hope this helps!