On Thursday 12 December 2024, the Luxembourg Bankers' Association (ABBL) issued a press release to help combat attempts at online financial fraud.
Faced with the multiplication and sophistication of attempts at online financial fraud, the ABBL and its members are continuing their awareness-raising work by reminding people of the existence of a certain number of tools and services, as well as good practices to adopt.
According to the press release, online financial fraud is a major challenge. The use of artificial intelligence has made practices such as identity theft (deepfakes) commonplace.
During this end-of-year period, when fraud attempts are on the rise, the ABBL and its members are reminding the public of some security instructions.
The majority of online fraud and scam scenarios aim to get the recipient to communicate personal or banking data as well as their identifying information. ABBL recalled that a financial institution (or any public institution or body) will never ask by email, SMS or phone call to provide identifying information or to connect to online banking using a link sent by email or SMS.
Victims of fraud, those who think they may be victims and customers of the following financial institutions - Banque de Luxembourg, Banque Internationale à Luxembourg (BIL), Banque Raiffeisen, BGL BNP Paribas, POST Luxembourg or Spuerkeess - should immediately contact Worldline Financial Services on +352 491-010 (service provided 24/7).
A specific procedure has been put in place to:
- clarify the circumstances of the fraud;
- block bank cards;
- be put in contact with LuxTrust to suspend or revoke the LuxTrust certificates;
- inform the relevant financial institution of the incident.
LuxTrust Customer Service also offers support to suspend or revoke the LuxTrust certificate via tel: 245-50550 or via the LuxTrust website: www.luxtrust.com (in the My LuxTrust area on Suspend temporarily my certificate or Revoke permanently my certificate). The service is available 24/7. The offices in Capellen are open Monday to Friday, from 08:00-18:00.
The public is also advised to exercise discernment and seek advice by:
- taking time to analyse any email or SMS received;
- never clicking on a link or attachment received by SMS, email or other channels that seem suspicious;
- reading carefully the information requested at each stage of authorising a transaction and taking the time to verify all the details to ensure that the transaction goes smoothly;
- consulting trusted people to obtain an external opinion;
- remembering that employees of financial institutions do not go to customers' homes to collect payment cards or their secret codes;
- they also do not call their customers and pressure them or ask them to open an email supposedly sent by a financial institution, to click on a link or to follow instructions to block a fraudulent transaction.
ABBL also advised carrying out additional research by:
- looking for additional information to confirm the legitimacy of the steps being asked via the email or text message received;
- searching the Internet using the keywords announced by the fraudster followed by the word "scam".
And to protect data by:
- treating personal and banking data as ID or keys that should be protected;
- keeping credentials strictly confidential, whether it is the means of payment or the connection to accounts remotely- never share LuxTrust credentials, not even with a bank advisor;
- not storing personal details on unsecured media, whether physical "paper" or computer-based such as email, hard drive, mobile phone- use a secure password manager;
- remembering to regularly check the list of beneficiaries registered in one's banking application;
- listening to the advice of the financial institution with which one is a customer and help it protect the customer;
- regularly consulting the security section of one's financial institution's website or application, it is often updated to take into account the most recent and common types and methods of fraud;
- informing one's financial institution of any change in contact details (telephone, email address, etc.) via the usual channel recommended by the latter, to be contactable quickly in the event of a problem;
- remembering to regularly update one's banking application to benefit from security updates.
Six common scam techniques to know:
- Phishing (by email): when a fraudulent email imitates an official institution (tax administration, police, health insurance), financial or Insurance institution or LuxTrust to encourage people to click on a link or share credentials;
- Smishing (by SMS): when an alarming or urgent SMS contains a link or a number to call to verify or confirm personal or banking data;
- Vishing (by phone): when a scammer pretends to be an employee of a financial institution or LuxTrust or an authority to obtain sensitive information or manipulate people into carrying out fraudulent transactions;
- Spoofing: when scammers spoof an official telephone number or email address to hide their real identity and gain trust;
- Quishing: a new form of phishing that uses fraudulent QR codes to redirect people to malicious sites to steal information;
- Deepfake: when scammers use manipulated videos or audio recordings to imitate a trusted person to trick the public into doing something fraudulent, such as transferring money or sharing sensitive data.