First published: 29th May 2019
Standard Chartered customers in Hong Kong are being targetted with an email claiming that their "online access will be discontinued and deleted from our server on 31th May 2019, due to failure to comply with our online update regulations." A form asking for sensitive personal data, including HKID, login password, credit card details and email password, is attached. If submitted, the form would send the data to http://janssen-recycling.info/wp-includes/images/pud.php where a Standard Chartered-branded webpage thanks the user for completing the update form.
Not surprisingly, Standard Chartered does not use the janssen-recycling.info domain, and any details entered are likely to be collected by criminals and misused. Janssen Recycling appears to be a recycling company in the Netherlands, that is probably entirely unaware of how their website is being misued.
Victims should contact the Police and Standard Chartered Bank as soon as possible.