LuxTrust, Luxembourg's national qualified trust services provider, has warned that several phishing attempts have been recorded in the Grand Duchy this week.
Since the start of the week, various customers have been receiving phishing emails and SMS asking them to update their data, supposedly on behalf of LuxTrust, 3D Secure and several banks in Luxembourg.
In general, the user receives an email or SMS and is invited to click on a link to carry out an urgent operation, such as updating their data to continue to have access to a service. They are then redirected to a fake site, asking them to enter their credit card details and / or to validate their personal information by entering their user ID, password and LuxTrust single-use code (in some cases several times).
Anyone who has completed the procedure and has given out their personal information should immediately contact their bank and LuxTrust customer service via tel.: 24 550 550 in order to take the necessary measures.
It is recalled that customers should protect their personal data, which guarantees secure access to their banking space and to administrative procedures, and not share this information with third parties. Local service providers will never ask users to update their personal information with a link via email or SMS; such messages are transmitted exclusively in the secure messaging spaces of the customer's bank.
To protect their LuxTrust identity, customers are advised to check the email address of each sender carefully and not open messages from unknown senders or questionable email addresses. Customers should not click on links nor open attachments and never share their personal data and LuxTrust identifiers. If users do not see their secret image when using the Token or a LuxTrust chip product, outside the context of online shopping, they should immediately stop the transaction. For everything concerning data updates, it is advised to use the official communication channels which customers have already used before with suppliers.