Recognise the signs of fraud and respond appropriately
Threats are increasingly frequent in today’s digital age. Fraud tactics are constantly evolving.
Select your location and language
Contact & Help
We would encourage you to contact your adviser, preferably by phone or secure mail, or make arrangements in advance for a meeting.
Contact & Help
We have taken all the necessary health and safety precautions in order to ensure continuous service. Where possible, please contact us by phone or via our secure digital channels. If you would like speak to your adviser, we recommend making an appointment in advance.
Wallonie - Brussels
Chaussée de La Hulpe, 120 – 1000 Brussels
FLANDERS
Kortrijksesteenweg 218 – 9830 Sint-Martens-Latem
27 November 2025
·
5 minCybercrime: Nico Betzen, member of the Fédération des Artisans, tells his story
Banque de Luxembourg and the Luxembourg craft federation, the Fédération des Artisans, have joined forces to sharpen our understanding of the challenges posed by cybercrime. In our awareness campaign, we hear directly from businesses that suffered a cyberattack. In this interview, Nico Betzen, manager of Ferronnerie d'Art Nico Betzen S.A., based in Fouhren, shares his story with Charles Sunnen, Head of Corporate Business Development, and Samuel Lamort, Chief Information Security Officer at Banque de Luxembourg, providing valuable insight into the real risks facing businesses. This is the first in a series of testimonials to be published over the coming weeks.
Charles Sunnen: Can you tell us a little about your company?
Nico Betzen: I established my artisan ironwork company in Luxembourg in 1989 after a Tour de France through the French trades association, the Compagnons du Devoir et du Tour de France. My company now employs 40 people. We work on custom metalwork structures, such as stairways, guardrails, cladding and architectural components, throughout Luxembourg and abroad.
From bottom to top and left to right: Nico Betzen, Manager, Betzen Feronnerie d’art, Charles Sunnen, Head of Corporate Business Development at Banque de Luxembourg, Samuel Lamort, Chief Information Security Officer at Banque de Luxembourg, and Alain Kintzelé, Corporate Adviser at Banque de Luxembourg.
CS: Your company was the victim of a cyberattack. Can you describe what happened?
NB: It all started with a billing email ostensibly from one of our regular suppliers. It had a PDF attachment called
“Invoice”. When I clicked the attachment without realising, it installed malware on my computer. Thinking it was just a technical glitch or bug, I simply closed the file and continued working as normal – including approving payments with my LuxTrust card connected to my computer. Unfortunately, someone was remotely watching what I was doing, including entering my LuxTrust password. The password was then stored on my computer all night, and the hacker was able to use it to impersonate me and make transactions.
CS: Who spotted the incident and how?
NB: Two days after receiving this email, my bank contacted me to confirm an unusual transfer of funds to France. That’s when the alarm bells started ringing and I realised that something wasn't right. I hadn't made the transfer. So I went back over the transactions for the last few days and alerted all my contacts. I realised that several transfers had been made using my identity.
I discovered that several thousand euro were about to be transferred to unknown bank accounts. I immediately notified my teams and removed the LuxTrust cards from the readers.
CS: What were the immediate impacts of this incident on your company?
NB: In hindsight, I realised we had been lucky, because we managed to block all the transactions in time. Following the incident, we immediately communicated information about the cyberattack inside the company and externally to our stakeholders. We put a lot of time and energy into stepping up our efforts to stay vigilant, involving calls, checks, increasing the security of our infrastructure and documenting the incident.
CS: Did the incident change your company’s approach to cybercrime?
NB: Absolutely. It made us realise that nobody is immune – anyone can be a target, not just large financial institutions. On a personal level, I changed my habits. I’m now wary of every incoming message. We also rolled out an awareness campaign aimed at all staff, as we could have lost a lot of money. For example, since the incident, staff are not allowed to leave the cards in the card readers. When it comes down to it, nothing teaches you quicker than this type of attack. It completely changed how we approach things.
We also rolled out an awareness campaign aimed at all staff, as we could have lost a lot of money.
CS: What do you say to those who think it could never happen to them?
NB: The idea that criminals only target big companies is a myth. We are all potential targets, if only through how we manage our payments. A cyberattack isn't always sophisticated. The fraudsters often rely on subtle details, such as using a well-known logo or a PDF icon, or even a message that sounds unusual or off. Vigilance is the best way to protect against cyberattacks. And sharing experience is a powerful awareness tool for the entire community.
We are all potential targets, if only through how we manage our payments.
CS: Samuel, how would you summarise this case and what reflexes do you recommend?
Samuel Lamort: This case shows how a single click – such as opening a PDF file – can have real consequences. Given the threat, here’s what you can do today to protect against this type of cyberattack:
- Analyse every external email (sender's name, instructions in the email, etc.) and phone call (your bank or LuxTrust will never ask you for your personal details) you receive to check it is legitimate.
- Act fast: if you notice anything unusual after opening an attachment, inform your colleagues and disconnect your computer from the network.
- Alert the bank: if in doubt, notify your bank to block the transaction. If you use the LuxTrust mobile app, contact LuxTrust support to block your identity.
- Call in an expert to do a technical analysis of your computer. If you have been the victim of a successful cyberattack, report it to the police and have your computer analysed by a specialist or by the CIRCL (the Computer Incident Response Center Luxembourg, https://circl.lu/).
- Strengthen payment authorisations: where possible, introduce joint signatures or double confirmation to strengthen security (when two signatures are required, compromising one workstation is not enough to make a transfer).
- Maintain software security: keep your antivirus software regularly updated and install the security patches on your operating system and software (Internet browser, etc.)
- Get expert advice: it is critical to have cybersecurity specialists who are responsible for checking (and testing) the security of your infrastructure at least once a year. A specialist can help make sure your security is in line with best practice and that staff are aware of the risks of cybercrime.
BE VIGILANT AT ALL TIMES
This story proves it. Every company, regardless of size or sector, is a potential target. As threats increasingly exploit our everyday automatic actions – such as opening a document or approving a payment – constant vigilance by all employees is still the best defence.
OTHER CYBERATTACKS
This is one company’s story, but there are many more types of cyber threats.
Banque de Luxembourg has a web page that explains how to spot red flags and what to do if you suspect an attempted attack:
Luxembourg offers a range of tools for individuals and businesses to protect against cyberattacks:
Up to €25,000, before VAT, in financial aid from the state
Cybersecurity assessment for business
File scanning to detect malware
URL scanning to check for malicious links
SpamBee
A dedicated cyber fraud website for Luxembourg citizens