Top of main content

Helping you stay safe online

HSBC aims to ensure your money is always kept safe from fraud, and we want you to be aware of the different ways fraudsters may try to steal your money.

Meet the Faces of Fraud

Fraudsters can fake anyone or anything. To help you feel more prepared when these criminals come calling, we’ve created a series of tutorials that teaches you the tricks they use to steal your money.

Helping you stay safe online

Get to know them.  Learn their tricks.

Fraudsters are always finding new ways to manipulate you. And take your money. So who better to reveal their secrets, than the fraudsters themselves?


We used a ground-breaking AI that predicts a fraudster’s face based on their actual voice recording. The AI analysed the fraudster’s unique voice pattern and generated their portrait. These Faces of Fraud were then brought to life using digital reconstructions, so they could teach us their tricks.

How do fraudsters operate?

Fraudsters exploit human nature - behaviours that come naturally to us. Key to this is the manipulation of trust - gaining a target's trust and getting them to disclose information that should be kept secure


Dating sites have become a popular place for fraudsters to lurk. Their goal is to bond with you emotionally so you’re more willing to send them money and listen to your heart, rather than your head.


There are many types of investment platforms online and all of these can fall prey to fraudsters. They lure you in with pretend financial products and easy gains to give you false confidence. But suddenly your portfolio vanishes, leaving you with nothing.


As online payments increase, fraudsters are responding by creating authentic looking websites to catch unsuspecting buyers. These criminals are masters at making a fake purchase look genuine.


Fraudsters have become so sophisticated they can convince you they’re working for your bank’s fraud team. With clever reassurances, they can make you hand over your money to them under the guise of making your account ‘safer’.

Common fraud methods


Phishing involves fraudsters sending an unsolicited e-mail that appears to be from your bank or an online retailer requesting you to update your personal and financial information such as date of birth, online login information, account details, credit card numbers, PINs etc.

The e-mail may contain a link that takes you to a website that looks identical (or very similar) to the organisation's genuine site. Fraudsters can then capture personal data like passwords as you type it in or download malware onto your computer.

Smishing (SMS Phishing)

Smishing involves text messages sent by fraudsters that look like they have come from your bank to trick you into giving over your personal and financial information (by calling a number or clicking a link). Fraudsters also use 'text spoofing' to deliberately falsify the telephone number to appear as 'HSBC' to seem like a genuine bank sms.


Fraudsters call out of the blue claiming that a fraud has already happened, or may be imminent. They may already have some information about you, and may pose as bank staff, the police and other officials or companies in a position of trust. The fraudster will then try to persuade you to:

  • Transfer money to another account for 'safekeeping' or 'holding'
  • Withdraw cash and hand it over 'for investigation' 
  • Divulge private information, which can then be used to gain access to your finances

SIM Swap

SIM Swap Fraud is when a fraudster duplicates the SIM of your mobile number without your knowledge or authorization. This allows the fraudster to receive all your calls and text messages, obtain personal details and then conduct financial transactions with your bank.

Redirection of Funds

Redirection of Funds is when an individual receives a payment request via email that appears genuine but is in fact fraudulent.

The email and phone numbers mentioned in these videos are just examples. If you think an email or text message isn't genuine, or if you think you've been a victim of a phishing, smishing or vishing scam, please contact Or call us on the number on the back of your debit or credit card.

Be vigilant - warning signs to look out for

  • Be wary of unsolicited approaches by phone, especially if you are asked to provide personal information
  • Beware of unsolicited e-mails or SMS messages asking you to update or verify your personal details, Personal Internet Banking login or security details such as Secure Key passwords/values or Credit Card Debit Card PINs. HSBC will never request this type of information
  • Beware of instructions to reply, complete a form or document attached to the email or click, through to a website in order to verify your account
  • Links within emails or SMS from HSBC will never take you directly to our login page and will always take you to information pages

How to protect yourself

  • Don't open attachments or click on links if you suspect they may not be genuine
  • Never share your security details such as PIN or passwords with anyone
  • Install anti-virus software and keep it up-to-date to protect you against viruses such a malware, trojans, spyware and adware
  • Keep your browser up-to-date as modern browser software adds protection against fake websites
  • Keep your software up-to-date as it's harder for viruses to infect updated software
Listening to what you have to say about services matters to us. It's easy to share your ideas, stay informed and join the conversation.