Threat Alert: HSBC Brand Abuse Lures Distribute Malware 

• Cybercriminals have launched a series of phishing attacks abusing HSBC branding while discussing alleged payment information. 
• The phishing lures come from a spoofed info@hsbc[.]com email account. The lures contain security tips to appear more legitimate, as well as an attached, malicious Microsoft Excel document regarding payment information. 
• Opening the Excel document leads to a series of prompts for the recipient to Enable Editing for the document and to then Enable Content. 
• Following the instructions in the Excel document leads to the installation of malicious software (malware).

Key Actions (at Work and at Home) 

• Go beyond surface clues. Familiar logos, branding, and names are not automatic indicators that an email or website is safe. Cybercriminals often imitate well-known organizations.     
• Never download attachments or “enable content” associated with unexpected messages. Never open, preview, or download an unexpected attachment, and never “enable content” or “enable macros” unless you are certain a file is safe. These actions can expose you to malware.    
• Report ANY suspicious emails using the Phish Alarm button. Remember: Our organization occasionally sends phishing simulations.