Are you using the Help ‘?’ icons when making payments on HSBCnet?

Last updated: 2 May 2019

It’s very important to make sure that your HSBCnet payment instructions are accurate and complete. When payments are submitted with invalid or incomplete information, they may be delayed, rejected, or end up going to unintended beneficiaries.

To help you understand what kind of information you need to include, and to improve the accuracy of your payment instructions, HSBCnet provides on-screen Help ‘?’ icons next to various payment fields.

Simply hover over the icons with your cursor to see what information is required in the fields. This will help reduce the chances that your payment is rejected due to inaccurate and/or incomplete payment details.

We encourage you to use the HSBCnet Help icons wherever you see them to confirm that the information you provide in your payments is correct.

Here’s an example of some of the Help icons (select the image for full details):


(Select image to enlarge)

Note: these images are provided for demonstration purposes only. Your screens may look different based on your organisation’s requirements and the criteria that you select for a payment.

Find out more

If you have any questions, please contact your local HSBCnet Support Centre.

 

Back to top

Protect yourself online

Learn about our security tips

Online Security

Business Email Compromise: a growing Online Security threat

Last updated: 9 January 2019

At HSBC, we are committed to online security and helping our customers protect their businesses against fraud and theft. One of the ways we do this is by keeping you informed of emerging trends and threats among cybercriminals and fraudsters.

A business email compromise happens when a fraudster sends an email to your company’s payments team impersonating a contractor, supplier, creditor or even someone in your senior management. For instance, the payments team may receive:

  • An email appearing to be from the CEO asking that an urgent payment be made. This is often accompanied by a request for secrecy, directing the recipient not to discuss the matter with anyone else.
  • An email or forged letter from a supplier advising that their account numbers have changed, and instructing all future payments be sent to the new account.

In either case, it can be difficult to detect this type of fraud since cybercriminals make the sender’s email address appear to be the same as a known email address. Fraudsters may even hack into the actual email account of a particular user and send the email directly from there.

How you can take action

Start by making your payments team and/or relevant staff aware of this type of fraud so they can be looking out for it. In addition to this:

  • Implement payments security that includes a two-step verification process, which involves contacting the sender via an alternative method (e.g., phone, instant message)
  • Always use known contact details to follow up
    • Don’t reply directly to the email
    • Don’t use any phone numbers or other contact information included in the email

If you suspect you’ve been a victim of a business email compromise fraud, please contact your local HSBCnet Support Centre immediately. 

To find out more

See what else you can do to protect yourself online with our online security guides and tips.

 

Social Engineering: do you know how to spot a fraudster?

Last updated: 31 January 2019

Do you know who you're actually talking to on the other end of the phone? Does an email or text message look genuine? Be vigilant. Thieves now have various clever ways to steal information for fraudulent purposes. Read on to learn how to protect your organisation from fraudsters.

These tactics are known as social engineering, and it's on the rise.

What you need to know

Fraudsters use various techniques to get information, including:

  • Phishing – email
  • Smishing – text messages
  • Vishing – phone conversation.

Phishing

Emails may create a sense of fear, urgency or opportunity to encourage recipients to click on a link or open an attachment that then infects their machine with a virus or malware. This then allows criminals to steal information or money and/or disrupt a computer system.

While many fraudsters act randomly, some target specific groups of employees or customers. This is called spear phishing. One example is CEO fraud, where criminals impersonate senior executives and instruct colleagues to transfer money to them.

Another tactic is payment diversion fraud. Criminals will send an email claiming to be from a supplier. It says its bank details have changed so funds should be transferred to another account instead. Don't reply to these emails. Always take the extra step of verifying any requests through an alternative communication method.

Smishing

Text messages may claim that your bank suspects there has been fraudulent activity on your account, that you are in trouble with tax authorities, or have won some money.

Smishing texts typically request urgent action, which often means clicking on a malicious link that in turn enables data theft. Spam filters stop many phishing emails from reaching inboxes, but no mainstream solution yet exists to prevent texts from reaching their intended target.

Vishing

Fraudsters will often create a sense of panic to get a quick response over the phone. They may pretend to be a colleague or a customer in a rush or requiring urgent assistance.

Fraudsters may call you pretending to be from HSBC. They may try to direct you to perform actions which would enable unauthorised payments to be sent to the criminal. This could include providing security codes generated from your token.

What you can do

It is important that you raise awareness of the potential impact of social engineering within your organisation, and implement a policy for reporting suspected cases.

Top tips to stay safe from social engineering:

  • Never share financial or company information with people you don't know
  • Don't be rushed into making a quick decision
  • Never click on links in text messages or emails, or open or download attachments, unless you are sure they are safe
  • Be careful about the information you share on social media as this can provide fraudsters with many small pieces of information that make a bigger picture
  • Always call phone numbers you know and have checked. If someone claims to be a colleague, check their name on your organisation’s staff directory and call them back on their internal telephone number
  • Forward any suspicious emails to @hsbcnet.phishing@hsbc.com

Learn how to spot suspicious calls, texts and emails.

Under no circumstances will HSBC ever ask you to ask you to divulge any of your security details over the phone, by text message or via email.

If you are ever doubtful about your HSBCnet activities or the authenticity of incoming telephone calls, texts or emails purporting to be from HSBC, please call your local HSBCnet Support Centre or your HSBCnet Representative for further verification.

 

Back to top

Information on HSBCnet service maintenance windows

Last updated: 26 August 2019

calendar_iconBelow is a calendar of our planned maintenance windows for the next three months during which there will be a full HSBCnet maintenance period to accommodate maintenance work.*

At times, it is necessary to schedule non-regular maintenance windows to perform special types of maintenance. We will provide notification of both planned and unplanned maintenance windows in the HSBCnet News (Service Updates) section of the HSBCnet home page.

Full maintenance window begins
Full maintenance window ends
Saturday, 7 September 2019 at 14:00 GMT
Sunday, 8 September 2019 at 03:00 GMT
Saturday, 19 October 2019 at 17:00 GMT
Sunday, 20 October 2019 at 03:00 GMT
Saturday, 16 November 2019 at 18:00 GMT
Sunday, 17 November 2019 at 04:00 GMT

*Maintenance window dates, beginnings and ends may be subject to change (with notice) to accommodate maintenance requirements.

The schedule for upcoming HSBCnet maintenance is also available via the links below:

English | Deutsche | En français | En español | 繁體中文 | 简体中文 | Bahasa Indonesia

Note: in the week prior to a service maintenance period, a notification confirming the maintenance window will be available post-logon in HSBCnet. Please review this information in advance of any planned maintenance period to confirm the date and time.

 

Back to top

The postal address for related inquiries is:
HSBC - GLCM Digital
8 Canada Square
London UK E14 5HQ

This communication is provided by HSBC Bank plc on behalf of the member of the HSBC Group that has contracted with your organisation for the provision of HSBCnet services. You received this email notification because you are a registered user of HSBCnet. Should you have any concerns regarding the validity of this message, please contact your local HSBCnet customer support.

We maintain strict security standards and procedures to prevent unauthorised access to information about you. HSBC will never contact you by email or otherwise ask you to validate personal information, such as your username, password or account numbers. If you receive such a request, please call your local HSBCnet customer support. Links within our emails will only take you to information pages.

If you wish to unsubscribe from receiving service information from HSBCnet, please select here.

© Copyright. HSBC Bank plc 2019. All rights reserved.

Privacy & Data Protection Statement | Terms & Conditions

Deutsche | En español | En français (Canadian) | En français (European) | 繁體中文 | 简体中文