Top of main content

Common fraud scams

Protect yourself and others

Find out how you can help protect yourself against the most frequent scams.

This guide explains how they work, what to look out for, and what you can do about them.

Bank cards

Card payments are getting safer all the time, but it still pays to take a few precautions to help prevent fraud:

Card skimming and cloning

Fraudsters copy the magnetic strip on your card, and use it to withdraw money or make purchases in countries and regions where chip technology hasn't been introduced.

How it can happen:

  • if someone takes your card out of sight to use their card machine. For example if you pay by card at a restaurant and the waiter doesn't bring the machine to you.
  • using an electronic device placed on a terminal or ATM.


Theft of passwords and other authentication details

Fraudsters copy your card details – such as the number and expiry date – and use them even though you still have it.

This can happen when you use your card in person and when you share the details online or by telephone.

Online banking

Fraudsters are increasingly targeting online banking customers. To protect you, we've introduced a number of new anti-fraud measures.

Phishing emails

Fraudsters send you a link to a fake website so they can gather personal and confidential information to access your bank account.

It will look like your bank's website, the same logo, graphics and even words. You may be asked for details like your card number, PIN and online banking access codes.

Good to know: phishing scams can also use letters or telephone calls to get the confidential information they want.



Malware is malicious software that's installed on your computer without your knowledge.

It usually involves downloading a file or attachment from an email or fraudulent website. The software steals confidential information such as your log on, card or account details.

Malware includes any type of malicious software or virus, such as Trojan horses, worms, keyloggers, etc.



Like malware, ransomware is malicious software that's installed on your computer, tablet or smartphone without your knowledge.

It blocks access to your devices, or encrypts personal and important documents, then demands money to restore them.

You'll be redirected to a screen asking you to pay the fraudster for a decryption key or to avoid losing all your data. Depending on the device and system, the virus can spread through an entire network.



The fraudster makes your computer access a fake website every time you enter a real website address on your browser. They then retrieve the information, such as passwords or payment details, that you would use on the real site.


This is a phishing scam that's done by telephone.

  • fraudsters use a voice server inviting you to call a number, often charged at a premium rate. This leads to an answering service designed to get you to reveal as much of your personal or confidential information as possible.
  • fraudsters can also call you directly pretending to be bank employees. Usually, they mention a problem with your account or credit card. Then they'll ask for your bank details to stop a potential fraudulent payment.

Fraudsters use these details to access your accounts or shop online.


Investment scams

Fake investment scams are affecting more and more people, and the losses can be significant. They mostly happen online, but can also be done by telephone or even word of mouth.

When returns on traditional investments are low, it can be tempting to look for more profitable solutions. These scams take advantage of this perfectly sensible motivation to offer:

  • promises of unrealistic returns
  • fake investments in new sectors, such as wine, cryptocurrency, new technologies or even agricultural breeding with shares in cow herds
  • fake financial advisers and identity thieves offering things like fake savings books or credit repurchases


Common fraudulent investments include:

  • FOREX (Foreign exchange): currency exchange markets open 24/7,
  • binary market: speculation on the evolution of a security over a very short period of time,
  • savings products offering boosted rates.


This is sometimes called a 'Ponzi scheme'.

Each saver has to find new savers, and investments made by one person are paid out as returns to another.

When the fraudster can no longer get new payments or reimburse those who want to withdraw their funds, they disappear with the money.


Cheque scams on social media 

Fraudsters try to gain your trust on social media, such as Instagram©, Facebook© or Snapchat©.

They may claim they can't access their bank accounts, and offer to pay you to deposit cheques into your account for them.

  • after handing over the cheques, they ask you to transfer the funds to them.
  • the fraudster's cheques come back unpaid and the money transferred to their accounts is lost.

Warning: In addition to a financial loss, this type of fraud could involve you in a bigger fraud and lead to prosecution!


Emotional scams

Fraudsters try to gain your trust through dating sites or social media.

Then they say they have a personal or financial problem, and need you to send them money by bank transfer, a money transfer service or by loading a prepaid card.

They may also offer you a cheque to pay you back later, which will come back unpaid.

Mortgage fraud

You visit a comparison website, and afterwards a fraudster claiming to be from HSBC contacts you by email and/or telephone.

Then they try to gain your confidence in order to get your personal data.

To do this, they may confirm some of the loan details you entered, then offer you a limited or exclusive loan rate. Then they will either:

  • ask you to post them confidential documents, like your national identity card, passport, salary slips, tax return or proof of address, so they can use your details,
  • or ask you to transfer a deposit, an application fee or an initial payment.

The fraudster won't offer you an appointment in branch.

Good to know: If you use an HSBC loan calculator, we'll only call to confirm the information you provided and arrange a branch appointment.

You'll then get an email confirming your appointment and the documents you need to bring.

We'll only contact you from an email address ending and will never ask you to transfer any processing fees or payments.



Cryptocurrencies like Bitcoin are getting more popular, so here are the latest warnings from the French Financial Markets Authority (AMF).

  • cryptocurrencies are highly volatile and can drop in value suddenly. They offer no guarantees or protection for the capital invested.
  • buying and selling cryptocurrencies is unregulated. They are not legally recognised as currency or a means of payment, so they are not protected by any related guarantees or legal frameworks.
    • cryptocurrencies are not secure. They are stored in electronic wallets which can be hacked, with no recourse against the hackers.

Bank tranfers

Fraudsters contact either private individuals or businesses to try to trick them into sending money.

The 'fake boss' scam

The fraudster poses as a manager on a phone call, fax or e-mail and asks the employee to make a payment to an account which is often held overseas.

Fake payment updates

The fraudster uses a company or individual's account details to update the payment details of a landlord, supplier or another creditor, so the fraudster gets the money.

They send the new instructions by email, copying the style of the actual creditor.

Again, the 'new' bank details often relate to overseas accounts.

IT fraud

The fraudster pretends to be a technician at the company and asks the employee to make a 'test transfer'.

They may also ask them to install software that lets them access security information or the entire computer system.

This type of fraud has become more common since the introduction of SEPA payments.

The 'tests' are in fact real transfers to foreign accounts.

Other means of payment

Fraudsters are less likely to target these payment methods, but you should still take precautions.



The thief steals your cheque book from your luggage, clothing, car or post. They may even try to get it directly from your bank branch.

They use it to write cheques on your account.


False cheques

If a fraudster gets your cheque or chequebook, they can:

  • use a blank cheque to forge your signature.
  • alter a cheque to change the amount or beneficiary.

Direct debits

Stealing bank details

Fraudsters can use your bank details to buy themselves goods or services, such as a telephone subscription, without the required checks.

SEPA payments

Fraudsters set up a direct debit for a third party without your approval, then transfer the money to a foreign account.

We're here to help you find the answers and while you're at it, tell us how we could do better.