Stay vigilant as the FIFA World Cup Qatar 2022™ approaches

As Qatar prepares to host the FIFA World Cup Qatar 2022™, cyber attacks targeting customers that use electronic banking channels, such as HSBCnet, may increase as fraudsters attempt to exploit this event for criminal gain.

At this time, be extra vigilant in your online activity to help make sure that you remain protected.

Phone calls and emails can be used maliciously to facilitate theft and fraud. Fraudsters will often create a sense of panic to get a quick response. Targeting organisations, they may pretend to be a senior colleague or a customer in a rush or requiring urgent assistance.

They may try to direct you to perform actions which would enable unauthorised payments to be sent to the criminal. This could include asking for security codes.

In addition, please be wary of any requests from your beneficiaries (by email, phone or otherwise) to change their banking details. The request may be an attempt to divert payment funds to a fraudulent account. Learn more about this type of fraud (known as business email compromise)

If in doubt, please remember:

• HSBC employees will never request information that could be used to make a payment such as Security Device details (other than the serial number on the back of physical tokens), account numbers, passwords, etc.
• Never provide the code generated from your Security Device or the HSBCnet mobile app to anybody, including HSBC employees or your own colleagues.
• We will never ask you to divulge any of your security details (for example, the one-time security code from your Security Device or mobile device) by phone, text message, or email.
• Never share financial or company information with people you don't know; don't be rushed into making a quick decision.
• Never click on links in emails, or open or download attachments, unless you’re sure they are safe.
• Be wary of any requests from your beneficiaries to change their banking details. Always take the extra step of checking directly with your supplier through an alternative method (other than email), such as a phone call to a trusted source in the company.
• If you are using a credit card, don’t let your card out of your sight and never disclose your PIN to anyone, including the police or a bank employee (HSBC staff will never ask for your PIN).

If you experience any of the following events, a malware attack may be underway:

• When logging on to HSBCnet, you’re presented with a message saying that HSBCnet is unavailable AFTER you have entered your username and security credentials. Alternately, the error message might give a set time that HSBCnet will return e.g. 15 minutes.
• You’re presented with a security check or verification screen that requires you to wait.
• You’re prompted repeatedly to re-enter your username, password or security code.
• You see any screens that you think are unusual or are missing information.

If you experience any of these or other suspicious events, please contact your local HSBCnet Support Centre immediately. Visit our ‘Customer Support’ page to find local contact details.

For further information on how to protect yourself and your organisation from cyber attacks, visit our Online Security page.

FIFA World Cup Qatar 2022 is a trademark and brand of Fédération Internationale de Football Association (FIFA), Zürich 8044, Switzerland.