Recognise the signs of fraud and respond appropriately
Threats are growing increasingly frequent in today’s digital age. Fraud attempts are constantly evolving, becoming more sophisticated and sometimes even difficult to detect. With this in mind, it’s important to take extra care. In order to stay as safe as possible online and respond effectively to any fraud attempts, it’s important to follow certain recommendations and adopt a few best practices.
Recognise the signs of fraud: phishing/smishing or spoofing (identity theft)
Phishing/smishing and spoofing target users via sophisticated fraud techniques. These methods involve deceiving people to obtain confidential information such as your credit card number, identifier, password, name, first name, date of birth, address, phone number, etc.
The wave of fraud is constantly growing, with increasingly skilled fraudsters. To avoid these traps, it’s essential to remain vigilant and identify certain telltale signs.
Hackers often pose as
Your bank
LuxTrust
IT support
An anti-fraud service
They do this using copycat phone numbers, email addresses, and domain names to hide their true identity.
The hacker usually claims you need to take urgent action regarding:
- A technical update
- A security issue on your computer
- A supposed verification of your personal details
- An urgent credit card payment to maintain a service
- A fraudulent transaction requiring your access codes to block it
- The expiry or renewal of your LuxTrust certificate
Be careful!
If in doubt, contact your adviser or our BL-Support service on (+352) 26 20 26 30.
Please note that the Bank and financial institutions in general never ask clients for their access codes (LuxTrust ID, passwords, OTPs, etc.) by email, phone, SMS or any other means of communication. Your bank doesn’t need your codes to block transactions identified as suspicious. Banque de Luxembourg exclusively uses secure emails via the e-Banking space or via standard email with the address format XXX@blu.bank.
Best practices:
Only contact your bank or adviser on their usual phone number, never on another number received via SMS, email, instant messaging, etc.
Don’t respond to urgent or threatening requests or to suspicious email addresses (different from your adviser’s usual address). Never click on a web link sent (via email or SMS) in your bank’s name.
Confirm operations in the LuxTrust mobile app after carefully reading the text describing the operation you’re confirming. If you didn’t initiate the operations (new beneficiary, new installation of the app, etc.), refuse it in LuxTrust mobile.
Secure your accounts and online purchases
Making your online accounts and transactions more secure requires the adoption of effective protective measures and a few best practices.
❌ Never disclose your password or personal identifiers (the Bank never asks its clients for their access codes)
✅ Choose a secure password (comprising at least 10 characters, including numbers, special characters, etc.), change it regularly and avoid saving it in your internet browser.
✅ Use different passwords for every website you visit (e.g. E-Banking access, email, online shopping, social media, etc.).
✅ Use a trusted computer whose security you’re familiar with, with a recent and supported operating system and software. We recommend that you install anti-virus software on your computer. Don’t forget to install the latest updates for your operating system, internet browser, and anti-virus software.
✅ Check that you’re on the Banque de Luxembourg website by entering the address https://www.banquedeluxembourg.com in your internet browser’s search bar or access it from your favourites, if you’ve saved it there previously. Check that the address begins with “https”, that a closed padlock is displayed on the secure page and that it belongs to Banque de Luxembourg.
✅ Increased vigilance is required when using mobile devices, since the address of the websites accessed isn’t always clearly and completely displayed. The same applies to the https padlock, which isn’t always displayed on some mobile browsers.
❌ Never access a banking website via a link in an email, SMS or instant message.
✅ Buy only from reputable merchant websites.
❌ Avoid lesser-known sales sites, or find out more about them before making a purchase. Access websites using the correct address in your web browser, not from a link received in an email, SMS or instant message.
For more advice, visit our page dedicated to internet security
React quickly in cases of fraud (or attempted fraud)
Think you’ve been the victim of fraud or attempted fraud?
To minimize the risks, it’s crucial to act immediately. We advise you to immediately change the passwords for the accounts affected and contact your adviser or our BL-Support service at (+352) 26 20 26 30. In addition, carefully review your bank statements for any suspicious activity. By reporting the fraud and filing a complaint with the police, you’re helping to prevent further attacks.
Outside business hours, if you’ve been, or think you’ve been, the victim of phishing or fraud relating to your LuxTrust identity or bank cards, please contact the emergency number (+352) 49 10 10 immediately.