Even though the Internet has become a vital part of our daily lives, it is important to follow a few security guidelines in order to avoid attempted fraud.
- Never disclose your secret codes, passwords, account numbers, credit cards, etc. to anyone or by any means (i.e. by e-mail, telephone or in writing), even if the person or the sender of the e-mail claims to be from BGL BNP Paribas.
- Your bank will never ask you to provide your bank details via your personal e-mail address or by telephone.
- In a professional environment, make sure that you establish the identity of your contact person before disclosing any information, however minor, about your company.
- Ensure that you have a LuxTrust Token to provide secure access to Web Banking and your 3D Secure transactions.
Card blocking ?
Call this number 24/7: (+352) 49 10 10
We recommend that you remain particularly vigilant regarding the following cases of fraud:
Social engineering, which is also referred to as ‘CEO fraud', often consists of a phone call at work: ‘This is your CEO speaking. I am placing my trust in you to carry out an urgent bank transfer. Please keep this confidential.'
The aim of social engineering is to steal the identity of the ordering party via any channel (e-mail, telephone, etc.). The objective is the misappropriation of information or funds.
The fraudster puts the person under pressure to carry out the transaction quickly by insisting that it is extremely urgent or confidential.
By pretending to be a senior representative of the company, the scam places the employee in a situation of hierarchical subordination. This provides the fraudster with a powerful tool to manipulate his victim. He therefore abuses the authority which the victim attributes to him: ‘This is an order. I instruct you to maintain the utmost discretion,' while, at the same time, praising the employee, ‘I have faith in you; you are the only one capable of carrying out this transaction.'
A variation of the fraud consists of convincing the victim to change the beneficiary account on a legitimate invoice.
Do the right thing:
Limit the distribution of information (social networks, websites, signatures, etc.)
Phishing is a scam used by IT fraudsters to gather sensitive, personal and/or confidential information (bank details, credit card number, identity, etc.).
More often than not you will receive an e-mail which appears to come from a familiar company that will draw your attention to a problem or ask you to update your personal information by clicking on a link. This link will redirect you to a fraudulent website.
Do the right thing:
A logo does not prove the identity of the sender
Never click on a link or an attachment which does not seem genuine
Never disclose any bank details: password, credit card number, etc.
When you are re-directed to a website, check that the website address starts with ‘https'