When they try to trick you into handing over your Secure Key activation code, it's known as token activation fraud.
HSBC will never ask you for the token generated from your Secure Key or mobile phone. These are only used to give you access to online banking and move money out of your account. They're not used to stop or block payments. Our fraud teams don't need them either - so you’ll never need to reveal the token to anyone.
The fraudster will call and pretend to be from your bank. They may tell you a large amount of money is due to come out of your account. They’ll then ask if you authorised this payment.
When you say you haven’t, the fraudster will be very understanding and offer to stop the payment for you. They’ll ask what type of Secure Key you have – a physical Secure Key (a device like a small calculator) or a Mobile Banking PIN (part of the HSBC UK Mobile Banking app).
Once they know this, the fraudster will then emphasise they’ll never ask you for the PIN or password for that device.
The fraudster will now ask you to generate a code from your Secure Key, supposedly to 'stop the payment'. They may again emphasise that they don’t want the PIN or password for the device.
They’ll ask you for the activation code. If you hand over that code, they’ll be able to authorise transactions from your account or completely take over your online banking.
Fraudsters might also contact you by text, claiming to be from your bank. They may ask you to give them a call so they can take you through the same scenario as described in the 'Over the phone' section of this page. They may also ask you to respond to the text with your activation code.
Find out more about the genuine texts that HSBC might send you.
HSBC will never ask for your:
If anyone does contact you and ask you for your Secure Key activation code or any other log on details, don’t give it to them. Hang up the phone and never respond to the text.
If you’re ever unsure about a phone call from someone claiming to be your bank, you can hang up the phone and call back on a number you know is genuine. Find out more about how to protect yourself against fraud.
