Conseils de sécurité

A few security tips

 
Print this page

Even though the Internet has become a vital part of our daily lives, it is important to follow a few security guidelines in order to avoid attempted fraud.

 

Beware!
- Never disclose your secret codes, passwords, account numbers, credit cards, etc. to anyone or by any means (i.e. by e-mail, telephone or in writing), even if the person or the sender of the e-mail claims to be from BGL BNP Paribas.
- Your bank will never ask you to provide your bank details via your personal e-mail address or by telephone.
- In a professional environment, make sure that you establish the identity of your contact person before disclosing any information, however minor, about your company.
- Ensure that you have a LuxTrust Token to provide secure access to Web Banking and your 3D Secure transactions. 
 

 

Card blocking ?

Call this number 24/7: (+352) 49 10 10


 

We recommend that you remain particularly vigilant regarding the following cases of fraud:

 

 

 

 


 

Social engineering or ‘CEO fraud'
 

 

Social engineering, which is also referred to as ‘CEO fraud', often consists of a phone call at work: ‘This is your CEO speaking. I am placing my trust in you to carry out an urgent bank transfer. Please keep this confidential.'
 

The aim of social engineering is to steal the identity of the ordering party via any channel (e-mail, telephone, etc.). The objective is the misappropriation of information or funds.  

 

The fraudster puts the person under pressure to carry out the transaction quickly by insisting that it is extremely urgent or confidential.


By pretending to be a senior representative of the company, the scam places the employee in a situation of hierarchical subordination. This provides the fraudster with a powerful tool to manipulate his victim. He therefore abuses the authority which the victim attributes to him: ‘This is an order. I instruct you to maintain the utmost discretion,' while, at the same time, praising the employee, ‘I have faith in you; you are the only one capable of carrying out this transaction.'

 

A variation of the fraud consists of convincing the victim to change the beneficiary account on a legitimate invoice.

 

Do the right thing: 

 

  • Limit the distribution of information (social networks, websites, signatures, etc.)
  • Implement secure internal procedures (i.e. double checks, limited access to sensitive information)
  • Raise awareness among your employees, particularly those in the accounting and financial departments
  • Exercise caution in the event of urgent or confidential procedures which do not respect internal regulations
  • Be wary of any unusual bank transfer which you have to sign or countersign


More about CEO fraud (PDF)

 

Back

 

 

 

Phishing


 

Phishing is a scam used by IT fraudsters to gather sensitive, personal and/or confidential information (bank details, credit card number, identity, etc.).


More often than not you will receive an e-mail which appears to come from a familiar company that will draw your attention to a problem or ask you to update your personal information by clicking on a link. This link will redirect you to a fraudulent website.


Do the right thing:

 

  • A logo does not prove the identity of the sender
  • Never click on a link or an attachment which does not seem genuine
  • Never disclose any bank details: password, credit card number, etc.
  • When you are re-directed to a website, check that the website address starts with ‘https'

 

Back

 

 

 

 

Unsecured e-commerce websites

 

When you log on to an unsecured e-commerce website and carry out a transaction, a hacker can easily steal your credit card details and use it at your expense.


Do the right thing:

 

  • Check that the website displays the MasterCard or VISA logos
  • Activate 3D Secure security for your credit cards: a one-time code (sent via SMS or Token) will be used to authorise your purchase
  • Check that the e-commerce website address starts with ‘https'
  • Never disclose the confidential four-digit secret code of your credit card
  • Keep proof of payment in the event of a dispute or claim

 

Back

 

 

 

Public Internet connection

 

Beware when you connect to the Internet via a public computer. Only connect using secure Wi-Fi networks.

 
Do the right thing:

  • In a public area, do not connect to an open Wi-Fi network to conduct banking transactions.
  • Never install software or carry out updates via a public connection.

 

Back

 

 

 

 

Using ATMs/paying at checkouts

 

When you withdraw cash from an ATM or pay for your purchases at a checkout, exercise caution to ensure no one can steal your bank card details (number, identity, four-digit secret code).


Do the right thing:

  • Make sure no one is standing behind you when you pay or withdraw cash and do not allow yourself to be distracted
  • Immediately block your card if you discover any irregularities on your bank statements
     

 

Back

 

 

 

 

 

 

 

SIMULATOR AND TOOLS
Quick and practical

 

   3D Secure