Fraudulent calls, SMS, emails and promotional materials

Fraudsters may pose themselves as staff of Hang Seng Bank or other financial institutions, and contact customers by phone call, SMS, emails, promotion materials or message from instant messaging app. By using fraudulent tactics (for example, offering attractive preferential interest rates), they induce customers to provide personal information such as ID card copies, payroll slips, proofs of address and bank statements to them for applying banking products including personal loans or credit cards. Meanwhile, fraudsters also ask customers to make deposits into designated account(s) as margin or service fee.

Fraudsters may claim unusual transaction record is identified in your bank account / credit card through pre-recorded message phone call, and then request you to provide them sensitive personal information such as account number, username and log-on password for “investigation”. They may even purport as courier company employee, government official, or your relative, friend or business partner and force you to provide personal information, or to transfer a sum of money to a designated bank account for various reasons.

In order to promote their reliability and reduce victim’s suspicion on their identities, fraudsters may show customers a highly-imitated staff card, name card or document proof of the institution they pretend, or behave as no fear on identity verification that providing you a fake staff number and fake identity verification hotline number in the process of pretending.

To help the public verify the identities of SMS senders for combatting fraudulent activities, we’ve joined the SMS Sender Registration Scheme ("Scheme")^[1] launched by the Office of the Communications Authority ("OFCA").

From 28 Jan 2024, we no longer use sender IDs such as "HASE", "HASEsecure" and "HASEnotice" for one-way SMS which customers aren’t required to reply. Instead, we’ve started using these sender IDs^[2],[3],[4] with the prefix "#":

• #HASE
• #HASEsecure
• #HASEnotice
• #HASEcomms
• #HASEassure
• #HASEshield
• #HASEmemo
• #HASEalert
• #HASEHK
• #HASEhk

Please note that the Scheme doesn’t apply to two-way SMS which requires customers’ reply; or local subscribers of Single-Card-Multiple-Numbers / One-Card-Two-Numbers mobile service provided by non-Hong Kong operators.

If you receive an SMS claiming to be from "Hang Seng" and the sender ID doesn’t start with "#", please be vigilant. You can also check the participating organisations and their registered sender IDs on the OFCA website.

To safeguard your interests, please consider adopting the below measures to avoid falling victim to bogus call and SMS:

• If you are in doubt of the received call or message, write down the identity of the caller / sender and their phone number, then call customer service hotline / identity verification hotline from associated organisation and provide the aforementioned information for confirmation (Hang Seng: Customer Service Hotline (852) 2822 0228, press "#" and then "9" after selecting language; Other Hong Kong registered bank: refer to information from the Hong Kong Monetary Authority)
• Ask callers how they have your phone number and account information. Terminate the call immediately if they refuse to reply
• If you are in doubt of promotional materials you've received, please call respective customer service hotline or visit our branches for confirmation
• Ask callers how they have your phone number and account information. Terminate the call immediately if they refuse to reply
• Do not just identify caller’s identity by caller ID as caller ID is possibly manipulated
• Never disclose any sensitive personal data (e.g. log-in password or one-time password) to caller in any circumstances
• Do not provide caller the full set of personal data item (such as identity card number) per their request. Financial institution staff usually provide partial of the requested personal data they have in the identity verification process
• Never make deposit into account of an individual or a company in the application process of our banking products
• Before opening a hyperlink in a text message, you can use the "Scameter" launched by the Hong Kong Police Force to evaluate the security risks of the website
  

Things to note:

• Ensure you copy the full voice message, SMS text, email, promotion materials or website address (URL) into the body of the email
• Do not send any sensitive personal information within the email
• Please note phishing@hangseng.com is an automated inbound mailbox only. You will receive an automated response from us when we have received your email

Hang Seng would like to notify customers that the Bank has not authorised or appointed any intermediary companies to make calls or send messages to promote its personal loans, tax loans or credit cards. The Bank does not reach customers by a pre-recorded message on unusual account condition. Hang Seng and its staff members never request customers to make deposits into any account of an individual or a company when assisting you in application of banking products or services. The Bank would send message to or call your mobile phone number in our record for parts of card and banking transactions.