Be vigilant
If in doubt, contact your adviser or BL-Support on (+352) 26 20 26 30.
Select your location and language
Contact & Help
We would encourage you to contact your adviser, preferably by phone or secure mail, or make arrangements in advance for a meeting.
Contact & Help
We have taken all the necessary health and safety precautions in order to ensure continuous service. Where possible, please contact us by phone or via our secure digital channels. If you would like speak to your adviser, we recommend making an appointment in advance.
Wallonie - Brussels
Chaussée de La Hulpe, 120 – 1000 Brussels
FLANDERS
Kortrijksesteenweg 218 – 9830 Sint-Martens-Latem
Recognise the signs of fraud and respond appropriately.
Banque de Luxembourg
will never ask you to
Provide your login details: usernames/passwords, OTPs, LuxTrust/itsme codes or PIN codes
‘Confirm or cancel’ a transaction as a matter of urgency
Make a credit transfer to a
‘secure account’
‘secure account’
Install remote access software
Threats are growing increasingly frequent
Fraud attempts are continually evolving, becoming ever more sophisticated and difficult to detect. With this in mind, it’s important to take extra care. In order to stay as safe as possible online and respond effectively to any fraud attempts, it is important to follow certain recommendations.
Always be wary of:
- Any request to disclose your passwords, whatever the reason.
- Offers that are too good to be true (‘guaranteed’ investments, sudden windfalls, etc.).
- Requests from people you don’t know.
- Unsolicited calls claiming that you need to take steps over the phone to stop a fraudulent transaction. A bank or anti-fraud service will never call you to block a transaction using your LuxTrust/Itsme identity.
- Links received via email, text message or social media that may appear genuine but lead to fraudulent websites, and attachments that may contain malware.
What are the different types of fraud?
01
Spoofing/Identity theft
- Fraudsters pose as someone in a position of trust, such as a LuxTrust employee, an adviser or a member of the client support service.
- They then establish a relationship of trust with the client and create a sense of urgency, claiming that the client’s identifiers have been stolen or that there has been fraud involving their card or bank account, making the scenario seem plausible.
- They ‘spoof’ a phone number or email address to deceive the victim.
02
Phishing (Smishing / Quishing / Vishing)
- Fraudsters send messages (SMS = smishing / QR codes = quishing) or call you (vishing) while pretending to be from a trusted organisation (bank employee, mobile network operator, the postal service, etc.).
- They spoof actual logos and branding to trick you into clicking on a link to a fraudulent website that looks exactly like the real thing.
- Once you’re on the fake login page, you will then enter your details or carry out transactions – and unwittingly hand over your confidential data in the process.
- They may also ask you to install an app on your computer or to confirm the cancellation of transactions under the pretext of helping you, when in actual fact this is a ploy designed to gain access to your personal/banking details.
03
Fake adverts & fraudulent websites
- Fraudsters use AI to quickly create websites and social media posts that mimic those of a financial institution in an attempt to deceive you.
- They promote fraudulent investment schemes that are often presented as exclusive, innovative and highly profitable.
- Examples include fake savings accounts/fixed-term deposits offering very attractive returns and Forex/crypto trading solutions that promise high returns with no risk.
- Fraudsters will not hesitate to contact you directly via phone, email or an instant messaging app in order to obtain your personal/banking details and divert your money into their own accounts.
04
‘ Money mules ’
- Fraudsters approach a bank account holder – often a young adult or a senior citizen – via social media, telephone or email and ask that they let the fraudsters use their account to move money obtained through fraudulent activities.
- In return, the account holder is paid in cash or in kind (gift vouchers, the latest smartphone, etc.).
- Acting as a so-called ‘ money mule ’ is an offence that exposes the account holder to criminal and administrative sanctions – including the possibility of a prison sentence – even if there was no initial intention to commit fraud.
Cybercriminals
often pose
as
support
service
Best practices for you to adopt Don’t respond to ‘ urgent ’ requests
Ignore any threatening or urgent messages requesting an ‘ immediate payment ’, a ‘ cancellation ’ or for you to ‘ verify your details ’.
Never click on a link that is in the name of the Bank – type the address in yourself instead.
Do not authorise any transactions while on the phone with a third party, even if they seem trustworthy. If in doubt, contact your adviser.
(Reminder: Banque de Luxembourg exclusively uses secure emails via the E-Banking area or via standard email with the address format XXX@blu.bank )
Monitor and secure your LuxTrust operations
Never disclose personal data or access credentials (LuxTrust, itsme, etc.) over the phone or by email.
In the LuxTrust app, please check carefully what you are confirming – this includes the amount, the recipient and the type of action.
If it was not you who initiated the transaction (e.g. new beneficiary, new device/installation), please decline it and contact BL-Support.
Under no circumstances will the bank or LuxTrust/itsme contact clients by phone to request confidential personal data.
Communicate with your bank securely
To communicate with your adviser in complete security, use our BL Mobile Banking app and choose the Securemail secure messaging service.
If you would prefer to log in to the E-Banking website, type the following address directly into your browser: www.banquedeluxembourg.com (search engine results may direct you to a fraudulent site).
Add ‘Access my E-Banking area’ to your favourites; avoid links from search engines.
Adopt good habits regarding your credit transfers
When entering a new IBAN (or changing an existing one), verify it offline by calling a number you already know for the beneficiary (supplier, solicitor, relative, etc.).
For large sums, wait 24 hours before making the credit transfer if necessary, and opt for two-factor authentication where possible.
Remember: do not disclose your credit card details or hand over your cards to anyone, even if they claim to be an employee of the Bank or visit you at home.
Only use institutions’ usual phone numbers
Only contact your bank or adviser on their usual number.
Never contact a number you have received via text, email or messaging service. If in doubt, hang up and dial the following BL-Support number yourself: (+352) 26 20 26 30.
Refuse remote access software
Never download remote access software (AnyDesk, TeamViewer, etc.) at the request of someone from a ‘support’ team who contacts you.
Banque de Luxembourg will never ask you to install this type of software.
Don’t respond to ‘ urgent ’ requests
Ignore any threatening or urgent messages requesting an ‘ immediate payment ’, a ‘ cancellation ’ or for you to ‘ verify your details ’.
Never click on a link that is in the name of the Bank – type the address in yourself instead.
Do not authorise any transactions while on the phone with a third party, even if they seem trustworthy. If in doubt, contact your adviser.
(Reminder: Banque de Luxembourg exclusively uses secure emails via the E-Banking area or via standard email with the address format XXX@blu.bank )
Monitor and secure your LuxTrust operations
Never disclose personal data or access credentials (LuxTrust, itsme, etc.) over the phone or by email.
In the LuxTrust app, please check carefully what you are confirming – this includes the amount, the recipient and the type of action.
If it was not you who initiated the transaction (e.g. new beneficiary, new device/installation), please decline it and contact BL-Support.
Under no circumstances will the bank or LuxTrust/itsme contact clients by phone to request confidential personal data.
Communicate with your bank securely
To communicate with your adviser in complete security, use our BL Mobile Banking app and choose the Securemail secure messaging service.
If you would prefer to log in to the E-Banking website, type the following address directly into your browser: www.banquedeluxembourg.com (search engine results may direct you to a fraudulent site).
Add ‘Access my E-Banking area’ to your favourites; avoid links from search engines.
Adopt good habits regarding your credit transfers
When entering a new IBAN (or changing an existing one), verify it offline by calling a number you already know for the beneficiary (supplier, solicitor, relative, etc.).
For large sums, wait 24 hours before making the credit transfer if necessary, and opt for two-factor authentication where possible.
Remember: do not disclose your credit card details or hand over your cards to anyone, even if they claim to be an employee of the Bank or visit you at home.
Only use institutions’ usual phone numbers
Only contact your bank or adviser on their usual number.
Never contact a number you have received via text, email or messaging service. If in doubt, hang up and dial the following BL-Support number yourself: (+352) 26 20 26 30.
Refuse remote access software
Never download remote access software (AnyDesk, TeamViewer, etc.) at the request of someone from a ‘support’ team who contacts you.
Banque de Luxembourg will never ask you to install this type of software.
Secure your accounts
and online purchases
❌ Never disclose your password or personal identifiers (the Bank never asks its clients for their access codes)
✅ Choose a secure password (comprising at least 10 characters, including numbers, special characters, etc.), change it regularly and avoid saving it in your internet browser
✅ Use different passwords for every website you visit (e.g. E-Banking access, email, online shopping, social media, etc.).
✅ Choose a secure password (comprising at least 10 characters, including numbers, special characters, etc.), change it regularly and avoid saving it in your internet browser
✅ Use different passwords for every website you visit (e.g. E-Banking access, email, online shopping, social media, etc.).
✅ Use a trusted computer whose security you’re familiar with, with a recent and supported operating system and software. We recommend that you install anti-virus software on your computer. Don’t forget to install the latest updates for your operating system, internet browser, and anti-virus software.
✅ Check that you’re on the Banque de Luxembourg website by entering the address https://www.banquedeluxembourg.com in your internet browser’s search bar or access it from your favourites, if you’ve saved it there previously. Check that the address begins with ‘https’, that a closed padlock is displayed on the secure page and that it belongs to Banque de Luxembourg.
✅ Increased vigilance is required when using mobile devices, since the address of the websites accessed isn’t always clearly and completely displayed. The same applies to the https padlock, which isn’t always displayed on some mobile browsers.
❌ Never access a banking website via a link in an email, SMS or instant message.
✅ Increased vigilance is required when using mobile devices, since the address of the websites accessed isn’t always clearly and completely displayed. The same applies to the https padlock, which isn’t always displayed on some mobile browsers.
❌ Never access a banking website via a link in an email, SMS or instant message.
✅ Buy only from reputable merchant websites.
❌ Avoid lesser-known sales sites, find out more about them before making a purchase, and check how reliable they are via a review platform such as Trustpilot. Access websites using the correct address in your web browser, not from a link received in an email, SMS or instant message.
For more advice, visit our dedicated internet security
page Secure your online shopping by activating 3D Secure. For more details, please visit our dedicated page.
❌ Avoid lesser-known sales sites, find out more about them before making a purchase, and check how reliable they are via a review platform such as Trustpilot. Access websites using the correct address in your web browser, not from a link received in an email, SMS or instant message.
For more advice, visit our dedicated internet security
page Secure your online shopping by activating 3D Secure. For more details, please visit our dedicated page.