Home Help Security centre Fraud awareness Email scams Current Page

Email scams (Phishing)

  • What are email scams?


    Fake emails (also known as Phishing) are a common tactic used by scammers. At first glance, they may seem genuine. However, look closer and they will urge you to share your personal details, enter confidential information or click through to fake websites.

    Common examples of phishing emails include threats to deactivate one of your online accounts, proposals to send you money in return for your account details, blackmail emails stating you’ve accessed illegal content or offers of tech support to help you with cyber fraud or viruses.

    Fake emails (also known as Phishing) are a common tactic used by scammers. At first glance, they may seem genuine. However, look closer and they will urge you to share your personal details, enter confidential information or click through to fake websites.

    Common examples of phishing emails include threats to deactivate one of your online accounts, proposals to send you money in return for your account details, blackmail emails stating you’ve accessed illegal content or offers of tech support to help you with cyber fraud or viruses.

More than 84,000 people were scammed out of £228m in 2018*

  • How to spot the signs


    • hovering over the sender’s name reveals a random address
    • the email doesn’t refer to you by name, but is addressed to your email account or “dear valued customer”
    • there are suspicious links or attachments within the email
    • the email urges you to share personal information, send a payment or click a link
    • the content mentions that you are owed a refund, have won a prize, or need to act urgently.
    • hovering over the sender’s name reveals a random address
    • the email doesn’t refer to you by name, but is addressed to your email account or “dear valued customer”
    • there are suspicious links or attachments within the email
    • the email urges you to share personal information, send a payment or click a link
    • the content mentions that you are owed a refund, have won a prize, or need to act urgently.
  • How to stay safe


    • it may seem obvious but look closely for unusual spelling errors and grammatical mistakes 
    •  never click on embedded links or attachments. If in doubt, contact the people directly to confirm
    •  if you are expecting to make a payment to someone and receive an email, double-check that the email is genuine by calling the individual or company first on a number that you have used before
    •  hover over email addresses and links before opening them (or press and hold on tablet or mobile)
    •  always keep your anti-virus software up to date.
    • it may seem obvious but look closely for unusual spelling errors and grammatical mistakes 
    •  never click on embedded links or attachments. If in doubt, contact the people directly to confirm
    •  if you are expecting to make a payment to someone and receive an email, double-check that the email is genuine by calling the individual or company first on a number that you have used before
    •  hover over email addresses and links before opening them (or press and hold on tablet or mobile)
    •  always keep your anti-virus software up to date.
  • The email says it's from first direct - is it?


    If we contact you by email, we will never ask you to enter or confirm your security details. We will only send you emails from the following email addresses:

    • 24hours@firstdirect.com
    • important@information.firstdirect.com
    • email@email.firstdirect.com
    • noreply@email.firstdirect.com
    • 24hours@mail.firstdirect.com
    • newsletter@mail.firstdirect.com
    • switcher gift registration and order emails will come from: noreply@hellogift.firstdirect.com
    • 'Give me a break' gift registration and order emails will come from noreply@givemeabreak.firstdirect.com
    • if you’ve been speaking to us about moving house, remortgaging, changing rates or borrowing more, your mortgage documents will be sent to you from one of the following addresses; mortgage@firstdirect.com, mortgage.offers@firstdirect.com or echosign@echosign.com.

    Additionally we always include the last three digits of your postcode at the bottom of all first direct emails so you can confirm that it's valid. If you've received an email that doesn't include this information, it is not from first direct. Please forward the email to phishing@hsbc.co.uk so we can investigate it and help prevent further instances of phishing or if you'd like to discuss this, simply give us a call anytime on 03 456 100 100.

    How do they get my email address?

    Not from us. Lists of live email addresses are bought or swapped between unscrupulous parties.

    How do they know where I bank?

    They don't, but unfortunately if they send enough emails they're bound to reach some customers.

    If we contact you by email, we will never ask you to enter or confirm your security details. We will only send you emails from the following email addresses:

    • 24hours@firstdirect.com
    • important@information.firstdirect.com
    • email@email.firstdirect.com
    • noreply@email.firstdirect.com
    • 24hours@mail.firstdirect.com
    • newsletter@mail.firstdirect.com
    • switcher gift registration and order emails will come from: noreply@hellogift.firstdirect.com
    • 'Give me a break' gift registration and order emails will come from noreply@givemeabreak.firstdirect.com
    • if you’ve been speaking to us about moving house, remortgaging, changing rates or borrowing more, your mortgage documents will be sent to you from one of the following addresses; mortgage@firstdirect.com, mortgage.offers@firstdirect.com or echosign@echosign.com.

    Additionally we always include the last three digits of your postcode at the bottom of all first direct emails so you can confirm that it's valid. If you've received an email that doesn't include this information, it is not from first direct. Please forward the email to phishing@hsbc.co.uk so we can investigate it and help prevent further instances of phishing or if you'd like to discuss this, simply give us a call anytime on 03 456 100 100.

    How do they get my email address?

    Not from us. Lists of live email addresses are bought or swapped between unscrupulous parties.

    How do they know where I bank?

    They don't, but unfortunately if they send enough emails they're bound to reach some customers.

Worried that you've been targeted?

If you think you've been the victim of any scam, it's important to call us as soon as possible.

Call 03 456 100 100 (Lines are open 24/7, 365 days a year).