Gemessen am 2026-07-04 · öffentliches DNS
Ist us.hsbc.com gegen E-Mail-Spoofing geschützt?
Nein — us.hsbc.com hat keine DMARC-Richtlinie und kann gefälscht werden.
Haltung unverändert seit dem 2026-06-19
Stärker geschützt als 0 % der Banken in Vereinigte Staaten
80 % der Branche setzt bereits p=reject durch
F
DMARC
nicht vorhanden
SPF
~all
DKIM
keiner gefunden
So behebst du es
Thomas, der DMARC-Copilot, findet jede Quelle, schreibt das exakte DNS und bringt deine Domain sicher von p=none zu p=reject.
Was das bedeutet
- • Aucun enregistrement DMARC publié (_dmarc.<domaine>). Les destinataires n'ont aucune politique à appliquer.
- • SPF se termine par ~all (softfail) : acceptable en phase d’observation, viser -all à terme.
- • Aucune clé DKIM trouvée sur les sélecteurs courants (le domaine peut utiliser des sélecteurs non standards).
Verlauf
- 2026-06-26Erste MessungKein DMARC
Über HSBC Bank USA
HSBC Bank USA, the American subsidiary of HSBC Holdings plc, operates through the domain us.hsbc.com as a major banking service serving retail and corporate clients across the United States. As an international financial institution, HSBC Bank USA manages a critical email perimeter encompassing communications with employees distributed across multiple countries, digital services for customers, official correspondence with regulators and financial partners, as well as transactional notifications linked to bank accounts. Securing the us.hsbc.com domain carries strategic significance, as financial institutions represent prime targets for identity spoofing attacks aimed at compromising sensitive customer data or perpetrating fraud schemes. The banking sector must comply with stringent regulatory frameworks including sectoral cybersecurity directives, and as an international group, HSBC is subject to enhanced security obligations according to the jurisdictions in which it operates. The implementation of robust DMARC, SPF, and DKIM protocols on us.hsbc.com constitutes a fundamental component of the strategy against phishing and domain spoofing attacks, ensuring the authenticity of communications issued from this domain. For an entity of this scale, mastering email infrastructure and validating each message through strong authentication mechanisms represents not only a compliance obligation but also an imperative for client trust and preservation of institutional reputation in a context where email-based banking fraud remains a persistent threat.
