Web Banking - Security guidelines

Keep your Web Banking totally secure

Contact an advisor
Print this page

All you need to know about phishing !


Phishing is a fraudulent technique used by computer hackers to steal sensitive, personal and/or confidential information (bank details, identity, etc.). You generally receive an email that appears to have been sent by a family business, alerting you to a problem or asking you to update your personal information by clicking on a link. However, this link redirects you to a fake website.

Follow a few security rules:


  • Never communicate your secret codes, password, account numbers, etc. to anyone at all by any means (e.g. by email, telephone, in writing) - even if that person or the sender of the email claims to be from BGL BNP Paribas. Your bank will never ask you to reveal your personal data. 
  • Check links: move your cursor over the link or icon contained in the email to display the address (URL). If it looks suspicious or is not secured (http:// rather than https://), do not click on it. Check that you really are in your Web Banking area at https://webbanking.bgl.lu. A small padlock indicates that your connection is secured (SSL protocol). 
  • Procure a Token  to connect to web banking. This Luxtrust certificate is offered free of charge and secures your access to Web Banking. By default, you will be asked for your Card Code or your Token* when you log in, but you can choose whether or not to use your Token to log in.


To find out more about phishing, the police have published an online video.


Do you think you have been the victim of Internet fraud?
Call (+352) 42 42 – 2000 as soon as possible, or write to us.



Quick and practical