Is hsbc.com legit?

95
/ 100
Trusted
Industry: Finance

hsbc.com is a highly trusted website, backed by a long operational history and robust security measures. While minor technical issues exist, they don't detract from its overall reliability as a legitimate financial institution.

Finance average: 80/100 · based on 48 sites

Checked: April 18, 2026 at 8:10 AM UTC · Refresh

Is hsbc.com a scam? Here's what we found.

Security 98/100

This site boasts exceptional security, employing strong TLS encryption, HSTS, and robust clickjacking protection. Crucially, it's completely clean on Google Web Risk, indicating no detected threats, which is paramount for a financial institution.

Identity 95/100

With a domain age of over 27 years, hsbc.com has a deeply established digital identity. The WHOIS information, while using a privacy-focused registrar, clearly identifies the domain as belonging to HSBC, showing a strong, verifiable history.

Reputation 95/100

As a major global organization, HSBC's online reputation is solidified by its high Tranco rank and clean record on all DNS blacklists. The lack of a Trustpilot profile is not unusual for a banking giant, as customer service reviews are often handled through other channels.

Transparency 90/100

The website provides clear contact information and a strong presence across five social media platforms, demonstrating a commitment to accessibility and communication with its users. This level of openness is expected from a large bank.

Compliance 95/100

hsbc.com features readily available Privacy Policy and Terms of Service pages, which are essential for a financial institution handling sensitive customer data, confirming adherence to important legal and ethical standards.

Infrastructure 88/100

The site's infrastructure is solid, with good DNS resolution, robust email authentication through SPF and DMARC, and fast page load times. The only minor technical flaw is a misconfigured sitemap, which doesn't impact user experience but could affect search engine optimization.

Signals Detected

[+]
Structured Data: Found

Site uses structured data identifying itself as: Organization

[+]
Tranco Rank: Rank #7391

This is a well-known, high-traffic website

[?]
Trustpilot: No Trustpilot profile

This business has no Trustpilot presence — not unusual for smaller or newer companies

[+]
Domain Age: 27 years, 7 months

Domain created 1999-01-29T05:00:00Z (27 years, 7 months ago)

[?]
Registrar: MarkMonitor Inc.

Registered through MarkMonitor Inc.

[+]
Domain Expiry: 2028-01-29T05:00:00Z

Expires in 650 days

[+]
DNSSEC: unsigned

DNSSEC status from WHOIS

[+]
SSL Certificate: Valid

Valid certificate, expires in 296 days

[?]
Certificate Issuer: DigiCert Inc

Certificate issued by DigiCert Inc

[+]
TLS Version: TLS 1.2

Connection uses TLS 1.2

[+]
HSTS Header: Present

Site enforces HTTPS via HSTS

[+]
Content Security Policy: Present

Site has Content Security Policy configured

[+]
Clickjacking Protection: Present

X-Frame-Options: SAMEORIGIN

[+]
Google Web Risk: Clean

No threats detected by Google Web Risk

[+]
DNS Blacklists: Clean

Not found on any DNS blacklists

[+]
Branding: Complete

Site has custom branding and social media metadata

[+]
robots.txt: Present

robots.txt has 2 directives

[?]
Sitemap: Misconfigured

Sitemap URL returns non-XML content

[+]
Website Status: Online

Website is live and responding

[+]
Contact Info: Found

Website appears to have contact information

[+]
Legal Pages: Privacy & Terms found

Website has both privacy policy and terms of service pages

[+]
Social Media Presence: 5 platforms

Website links to multiple social media platforms

[+]
DNS Resolution: 2 IP(s)

Resolves to: 91.214.6.62, 193.108.75.62

[+]
Email (MX Records): 2 record(s)

Mail servers: mxb-00299f02.gslb.pphosted.com., mxa-00299f02.gslb.pphosted.com.

[+]
SPF Record: Present

Domain has SPF email authentication configured

[+]
DMARC Record: Present

Domain has DMARC email authentication configured

[?]
Name Servers: 6 server(s)

DNS providers: ns6.hsbc.com., ns21.hsbc.net., ns21.hsbc.uk., ns20.hsbc.net., ns3.hsbc.com., ns20.hsbc.uk.

[?]
Certificate Transparency: Unable to check

Could not query certificate transparency logs

[?]
Web Archive: Unable to check

Could not query Wayback Machine

[+]
Page Load Time: 226ms

Fast page load

Embed This Badge

Own this site? Show visitors your trust score.

Trust badge for hsbc.com
<a href="https://verified.fyi/review/hsbc.com"><img src="https://verified.fyi/badge/hsbc.com?size=medium&style=full&theme=dark" alt="hsbc.com trust score — verified.fyi" /></a>
[![hsbc.com trust score](https://verified.fyi/badge/hsbc.com?size=medium&style=full&theme=dark)](https://verified.fyi/review/hsbc.com)

Stay Safe Online

Good habits to protect yourself, no matter the scan result.

Use a password manager

Never reuse passwords across sites.

Enable two-factor authentication

Add a second layer of security to your accounts.

Check before you buy

Always verify unfamiliar stores before entering payment info.

When evaluating a financial website like hsbc.com, the most critical question is often about trust and security. For a global banking giant, a long-standing online presence is a foundational element, and hsbc.com delivers with a domain registered over 27 years ago. This isn't some fly-by-night operation; it's a deeply entrenched digital asset of a major corporation. From a security standpoint, hsbc.com employs the kind of robust measures you'd expect. Modern encryption, HSTS to ensure secure connections, and strong protections against common web vulnerabilities like clickjacking are all in place. Crucially for a bank, it has a clean record with Google Web Risk and isn't on any DNS blacklists, which gives you confidence it's not associated with known threats. Financial institutions are prime targets for phishing, so these clean clearances are incredibly important. The website also clearly publishes its Privacy Policy and Terms of Service, which are non-negotiable for handling sensitive personal and financial data. While there's a minor technical hiccup with the sitemap, it doesn't affect the core functionality or security of your banking experience. Overall, based on these signals, hsbc.com aligns perfectly with the high standards expected from a legitimate and secure online banking platform.