First published: 24th May 2016
Standard Chartered Bank (HK) Limited has issued a warning about a phishing email and linked fraudulent website. The email advised customers to click on a "VERIFY MY ACCOUNT" link, which led to a page, cachoeiradoouro.com.br/cgi-sys/suspendedpage.cgi?id=hk, asking for e-banking account, password, transaction password, ATM card number and ATM PIN. Obviously, this is highly sensitive information that could be used for fraudulent transactions. The website had been removed at the time of writing.
Standard Chartered advised customers that it does not request customers' personal information (including user names and passwords) by email. It also does not request passwords, such as One-Time passwords, over the phone. Customers should log in to Standard Charter's Online Banking through its website, https://www.sc.com/hk/, and not through hyperlinks embedded in emails or third-party websites. Customers should verify they are connected to the real Standard Chartered website (e.g., by checking the SSL certificate) before entering sensitive information.
Victims should report the incident to the Police.