Recently we noticed we got a lot of email from “HSBC Advising Service” struck in our Total Email Protection quarantine. Looking closely at the email content, it is clear virus are hidden in them or rather the link inside. Here are some things to take note of to protect yourself from virus coming in through email.


Please download document from dropbox, payment advice is issued at the 
request of our customer. The advice is for your reference only.

Download link:

(link removed to prevent accident)

Yours faithfully,
Global Payments and Cash Management


This is an auto-generated email, please DO NOT REPLY. Any replies to 
this email will be disregarded.

Security tips

1. Install virus detection software and personal firewall on your 
computer. This software needs to be updated regularly to ensure you have 
the latest protection against email virus.
2. To prevent email virus or other unwanted problems, do not open 
attachments from unknown or non-trustworthy sources.
3. If you discover any unusual activity, please contact the remitter of 
this payment as soon as possible.

This e-mail is confidential. It may also be legally privileged. If you 
are not the addressee you may not copy, forward, disclose
or use any part of it. If you have received this message in error, 
please delete it and all copies from your system and notify the
sender immediately by return e-mail.

Internet communications cannot be guaranteed to be timely, secure, error 
or virus-free. The sender does not accept liability
for any errors or omissions.

This email looks legitimate enough with the usual security tips and disclaimer, it even comes with a environment friendly reminder to save paper! What do you know, our hacker/criminal has a green heart after all!

Who Is It From?

As far as we know, we do not have dealing with HSBC nor any of our clients. Check if this is from someone you recognize and normally communicate with, and if it relate to your job responsibilities. Getting a check payment email when you are in operation is a giveaway sign.

Email Content

Email content can also be social engineered to be disguised as a link from your friends (“My birthday photos”, “Look what you are missing out” etc), which we asked our clients to ignore since it is unusual for friends to send those to business email. Another tell tales sign is that they are asking us to download via Dropbox via a business email. We have spoken a number of time before on why consumer friendly Dropbox is not suitable for business environment (click here for the reasons), hence a business that is serious about security will not be using them, let alone a big bank.

Unknown Source

Also we will like to thank the sender for their security tip reminder number 2

2. To prevent viruses or other unwanted problems, do not open 
attachments from unknown or non-trustworthy sources.

Although they missed out 1 part as well – “do not open attachments OR LINKS from unknown or non-trustworthy sources”. Also the only attachment that is safe to click on is a .TXT file.

We will be continuing with more steps you can take to protect yourself from such email in part 2 next week.


At Blazon Technologies, we specialized in protecting our clients’ network and data, ensuring they can keep running their business even if disaster strikes them. To find out how we can help you with your security and protection, contact us for more information.

0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *