Our cybersecurity tips

Protect yourself against identity theft

First alert
Beware of unsolicited calls! Fraudsters always create a sense of urgency to prevent you from thinking clearly.

Second alert
Legitimate callers: your bank, Worldline or LuxTrust will NEVER ask for confidential codes or information about your payment methods.

Third alert
Before validating a banking transaction, take some time to check the LuxTrust validation context. Fraudsters always try to make you approve a transaction you did not initiate.

Fourth alert
The bank will NEVER send a courier to collect allegedly hacked cards! In case of hacking, it is recommended to contact Worldline on your own initiative to block your cards.

If in doubt…

Take a moment to check if you are a victim of fraud by calling your bank at +352 4242‑2000 or LuxTrust / Worldline at +352 49 10 10.

Fraud can affect each of us. Let’s adopt the right reflexes together so we don’t contribute to the statistics:

1 out of 2 adults has already been a victim of a scam at least once in their life,
1,446 cyberattacks per week on average in Luxembourg at the end of 2024,
442 billion dollars lost by consumers worldwide due to scams in 2024,
64% of scams take place in less than 24 hours,
48% of scams involve fake quick‑profit investments,
EUR 4,942,624 is the total value of card payment fraud recorded in Luxembourg in 2023.

Increasingly sophisticated and difficult to detect, online fraud affects thousands of users in Luxembourg every year.
As a member of the ABBL, we invite you to consult the dedicated platform.
There you will find advice, cybersecurity best practices and all the useful information to protect yourself effectively against fraud attempts.

Let’s remain vigilant. Together, we can help bring the numbers down and push back fraud.

Discover Cyberfraud.lu

Fake Investments: Don’t Fall for the Trap—Trust Your Advisor!

Tempting promises like:

“Double your savings in 6 months!”

“100% guaranteed return”

“Risk-free, certified and secure investment”

…could be hiding real scams. These offers play on urgency, emotion, and a false sense of legitimacy to push you into quick decisions.

Our advice: Never decide alone.

Your banking advisor is your trusted companion. A simple conversation can clear doubts, assess risks, and help you make safe choices.

Together, you’ll make the right decisions—with peace of mind. And remember: if it sounds too good to be true… it probably is!

What is Artificial Intelligence (AI)?

Artificial intelligence is a branch of computer science that aims to create machines capable of simulating human intelligence.

It relies on complex algorithms and data models that enable machines to learn, reason, and make decisions.

What is Cloning?

Voice and face cloning, often referred to as "deepfakes," present significant risks when used for fraudulent purposes.

Voice cloning (or vishing) can be exploited by fraudsters to mimic a person's voice. Fraudsters can use these cloned voices to deceive your vigilance.

Face cloning, on the other hand, can be used to create falsified videos or images. These deepfakes can be used to impersonate someone, creating videos where the person appears to say or do things they never said or did, to spread false information, manipulate public opinion, or even extort money.

Spear Phishing – What is it?

If you’re contacted by someone claiming to be your adviser or a BGL BNP Paribas employee and who asks you to:

to stop allegedly fraudulent transactions by asking you to communicate LuxTrust codes;
make a transfer to another account to avoid being scammed validate transactions on the LuxTrust Mobile application;
validate a LuxTrust Mobile QR code;
share your bank details;
share your PIN codes.

You’re probably dealing with someone who’s trying to scam you.

If in doubt, end the conversation immediately.

Have you been contacted by a potential scammer? Contact us on (+352) 42 42-2000.

Example of card fraud:

The tell-tale sign:

Scammers use names that are similar to that of your bank!

Someone claiming to be your bank adviser contacts you. Wheter by SMS, e-mail or over the phone, the bank or any other authorised third party will never ask you for:

LuxTrust details

Never share your codes, login details or LuxTrust confirmation.

Web Banking details

Keep your Web Banking codes and login details strictly confidential.

Bank card information

Don’t share your bank card information with any third parties.

Transfer

Don’t make any payments via a link or e-mail attachment you may have received. Always decide to make your bank transactions yourself.

Don’t respond, and end the interaction immediately!

In general:

use the LuxTrust Mobile system on your smartphone. When you need to validate an operation (login, transfer, card payment), the LuxTrust Mobile application shows you what you’re approving. If a pop-up notification asks you to approve an operation you didn’t request or a payment to a payee you don’t recognise, click refuse and contact the bank ASAP on (+352) 42 42-2000,

don’t be fooled: no bank will threaten to cut off access to your accounts or not renew your credit cards if you don’t enter your details,
be wary of “urgent” requests urging you to take immediate action,
check whether you already know the contact (phone number), sender of the message or SMS (e-mail address or phone number). We advise you never to open attachments from an unknown sender or suspicious address.

Take the time to read through the request and contact your bank if anything seems suspicious (via unsecured contact methods).

Other useful habits

1. How you log in

Do you check your bank accounts on your phone or a tablet?

log in securely by using the Web Banking mobile app,
all usefull information and available features can be found on the Web Banking application. Use the most secure method for logging in to your accounts.

Don’t use the app yet?

Download the “BGL BNP Paribas Web Banking’’ app from your app store today, available for iOS and Android!

Do you check your bank accounts on your PC/laptop?

log in directly on our website at https://www.bgl.lu/en/individuals.html by clicking on “Web Banking” (at the top-right of the page),
or by entering https://webbanking.bgl.lu/en/webbanking/login.html in the search bar.

BEWARE: Fake sites may be listed in web searches (Google, social media, etc.).

Log into Web Banking and enter your details on your own initiative.

2. Your online activity

Interacting with the bank

Apply for a loan, get information, send documents or contact the bank. You can communicate securely with your account manager using our secure contact methods, such as the Web Banking messaging service available on the website and mobile app.

Update your devices’ operating systems as soon as possible: smartphone, tablet, computer

Your devices should have an automatic update option, so make this your default mode. A system that hasn’t been updated may have vulnerabilities that can be exploited by cyber criminals.

Any questions? Contact us!

Avoid public Wi-Fi networks

Your devices should have an automatic update option, so make this your default mode. A system that hasn’t been updated may have vulnerabilities that can be exploited by cyber criminals.

Cyber criminals know how to exploit network security flaws to steal your personal data.

To keep your data secure in public places, make sure you take the right action:

use mobile data (3/4/5G networks) when you need to check your accounts or make banking transactions,
however, if you have to use a public Wi-Fi network, don’t enter any personal data (Wi-Fi networks at home or work are the most secure),
turn off the automatic Wi-Fi connection option and/or delete networks that aren’t password protected,
never install software or updates or download documents or attachments over a public network. When you’re at home or in a secure place, remember to check that your phone is updated: many of the updates suggested by your smartphone are security updates,
if you need to work or do research online in a public space (co-working space): where possible, hide your screen from others (for example: from passersby) or from security cameras (recorded video can be hacked),
avoid using your devices to check your accounts or any other sensitive information when taking public transport,
use standard plugs if you need to charge your telephone or tablet in a public place (avoid recharging via USB ports, which can be hacked).

Do you need to make an online card payment?

For all online transactions, check the reliability of a website before entering your personal and banking details. To do so:

use a secure Wi-Fi network or mobile data to make the transactions (3/4/5G),
check that there is an SSL protocol and httpS (”s” for secure/security),
check the correct spelling for the website.

Strengthen your online security and make transactions in complete peace of mind with 3D Secure!

More information about 3D Secure

Luxtrust

The Token is a digital certificate that guarantees your identity. It generates a single-use code that you enter when you access Web Banking or when you carry out your transactions. It is linked to a password chosen by you. It's a different password from the one you use to connect to your BGL BNP Paribas Web Banking.

More information about Luxtrust