Home Help Security centre Fraud awareness Email scams Current Page

Email scams (Phishing)

  • What are email scams?


    Fake emails (also known as Phishing) are a common tactic used by scammers. At first glance, they may seem genuine. However, look closer and they will urge you to share your personal details, enter confidential information or click through to fake websites.

    Common examples of phishing emails include threats to deactivate one of your online accounts, proposals to send you money in return for your account details, blackmail emails stating you’ve accessed illegal content or offers of tech support to help you with cyber fraud or viruses.

    Fake emails (also known as Phishing) are a common tactic used by scammers. At first glance, they may seem genuine. However, look closer and they will urge you to share your personal details, enter confidential information or click through to fake websites.

    Common examples of phishing emails include threats to deactivate one of your online accounts, proposals to send you money in return for your account details, blackmail emails stating you’ve accessed illegal content or offers of tech support to help you with cyber fraud or viruses.

In the first half of 2021, over 106,000 people were scammed out of £355million. This is an increase of over 70% on the same period in 2020*.

  • How to spot the signs


    • hovering over the sender’s name reveals a random address
    • the email doesn’t refer to you by name, but is addressed to your email account or “dear valued customer”
    • there are suspicious links or attachments within the email
    • the email urges you to share personal information, send a payment or click a link
    • the content mentions that you are owed a refund, have won a prize, or need to act urgently.
    • hovering over the sender’s name reveals a random address
    • the email doesn’t refer to you by name, but is addressed to your email account or “dear valued customer”
    • there are suspicious links or attachments within the email
    • the email urges you to share personal information, send a payment or click a link
    • the content mentions that you are owed a refund, have won a prize, or need to act urgently.
  • How to stay safe


    • it may seem obvious but look closely for unusual spelling errors and grammatical mistakes 
    •  never click on embedded links or attachments. If in doubt, contact the people directly to confirm
    •  if you are expecting to make a payment to someone and receive an email, double-check that the email is genuine by calling the individual or company first on a number that you have used before
    •  hover over email addresses and links before opening them (or press and hold on tablet or mobile)
    •  always keep your anti-virus software up to date.
    • it may seem obvious but look closely for unusual spelling errors and grammatical mistakes 
    •  never click on embedded links or attachments. If in doubt, contact the people directly to confirm
    •  if you are expecting to make a payment to someone and receive an email, double-check that the email is genuine by calling the individual or company first on a number that you have used before
    •  hover over email addresses and links before opening them (or press and hold on tablet or mobile)
    •  always keep your anti-virus software up to date.
  • The email says it's from first direct - is it?


    If we contact you by email, we will never ask you to enter or confirm your security details. We will only send you emails from the following email addresses:

    • 24hours@firstdirect.com
    • important@information.firstdirect.com
    • email@email.firstdirect.com
    • noreply@email.firstdirect.com
    • 24hours@mail.firstdirect.com
    • newsletter@mail.firstdirect.com
    • noreply@rewards.firstdirect.com
    • firstdirect@messaging.firstdirect.com
    • contribute@voice-your-views.first direct.com - emails from this address will link to our survey partner, Maritz, their website address is: https://retail.voice-your-views.hsbc.com/cgi-bin/qwebcorporate.dllWe’d love to hear your views if you’ve received one of our invitations to take part in a survey.   
    • 'Give me a break' gift registration and order emails will come from noreply@givemeabreak.firstdirect.com
    • if you’ve been speaking to us about moving house, remortgaging, changing rates or borrowing more, your mortgage documents will be sent to you from one of the following addresses; mortgage@firstdirect.com, mortgage.offers@firstdirect.com or adobesign@adobesign.com.

    If you don't believe an email to be from first direct, then please forward the email to phishing@hsbc.com so we can investigate it and help prevent further instances of phishing or if you’d like to discuss this, simply give us a call anytime on 03 456 100 100.

    How do they get my email address?

    Not from us. Lists of live email addresses are bought or swapped between unscrupulous parties.

    How do they know where I bank?

    They don't, but unfortunately if they send enough emails they're bound to reach some customers.

    If we contact you by email, we will never ask you to enter or confirm your security details. We will only send you emails from the following email addresses:

    • 24hours@firstdirect.com
    • important@information.firstdirect.com
    • email@email.firstdirect.com
    • noreply@email.firstdirect.com
    • 24hours@mail.firstdirect.com
    • newsletter@mail.firstdirect.com
    • noreply@rewards.firstdirect.com
    • firstdirect@messaging.firstdirect.com
    • contribute@voice-your-views.first direct.com - emails from this address will link to our survey partner, Maritz, their website address is: https://retail.voice-your-views.hsbc.com/cgi-bin/qwebcorporate.dllWe’d love to hear your views if you’ve received one of our invitations to take part in a survey.   
    • 'Give me a break' gift registration and order emails will come from noreply@givemeabreak.firstdirect.com
    • if you’ve been speaking to us about moving house, remortgaging, changing rates or borrowing more, your mortgage documents will be sent to you from one of the following addresses; mortgage@firstdirect.com, mortgage.offers@firstdirect.com or adobesign@adobesign.com.

    If you don't believe an email to be from first direct, then please forward the email to phishing@hsbc.com so we can investigate it and help prevent further instances of phishing or if you’d like to discuss this, simply give us a call anytime on 03 456 100 100.

    How do they get my email address?

    Not from us. Lists of live email addresses are bought or swapped between unscrupulous parties.

    How do they know where I bank?

    They don't, but unfortunately if they send enough emails they're bound to reach some customers.

Worried that you've been targeted?

If you think you've been the victim of any scam, it's important to call us as soon as possible.

Call 03 456 100 100 (Lines are open 24/7, 365 days a year).

*Source: UK Finance.