On the surface, to the unwary, all would appear to be legitimate. However, I'm far too cynical these days to believe everything I read so I took a deeper look. Any time you receive something through your email account that seems to be requesting information that you wouldn't give to a stranger in the street you should think carefully before acting.

So how do you distinguish between a scam email and a genuine one from your bank?

Let's dissect this email into smaller, more manageable pieces...

1. Did you ever inform your bank about your email address?

If you've never divulged your email address to your bank then it's reasonable to believe that they wouldn't be sending you any emails! I try to make it a point to never give my email address to my bank. Unless you're using an online banking service then they would probably use it for marketing purposes.

2. Are there any tell-tale clues of a fraudulent email in the headers?

In your email viewer, examine the email header information. You'll often find some obvious clues as to the real nature of the email.

In the example above, there are a number of points that can easily be spotted at a glance:

This tells us where the email was sent from. Upon visiting

I find what seems to be a leisure website written in Spanish and having some kind of link with Mexico. My grasp of the Spanish language is almost non-existent, but I can't think of why HSBC might have anything to do with this website.

If HSBC were trying to contact me it's highly unlikely that they would resort to using a free, PC-based email client such as Microsoft Outlook Express. Large corporations with millions of customers often tend to use server-based software to carry out mailings. Outlook Express is not the customer-mailing tool of a multinational bank!