Prevention & security


Fraud prevention


President fraud: don’t blindly obey!

President fraud is, in practical terms, the act of a fraudster who seeks to pose as a member of senior management, a manager or a strategic partner by exploiting a sense of urgency, psychological pressure, confidentiality and, above all, a perceived position of authority in order to obtain a fraudulent payment, a change of IBAN or access to sensitive information.

Protect yourself from fraud when shopping online.

Secure Your Cards:

  • Never save your banking information on commercial websites.
  • In-store, enter your codes discreetly and avoid distractions.
  • Keep your code separate from your card.

Beware of Online Scams:

  • Stay away from offers that seem too good to be true!
  • Take the time to check user reviews.
  • React with caution: if an offer seems urgent, it’s often a scam.
  • Verify if the merchant site is the official brand site and not a look-alike.

Stay vigilant and make safe purchases!


Fraud may take the form of attempted phishing, vishing (voice phishing) or spoofing (identity theft).

Fraudsters have no scruples about impersonating BIL staff or employees of legitimate institutions (after stealing the telephone number of the bank or institution) to harvest data/login details and misuse them for fraudulent purposes.

Remember that BIL will never ask you for your data/login details.

BIL employees will never ask a courier to come and collect bank cards from your home.

Be careful when shopping on the web!

Be extra vigilant when faced with tempting offers on the Internet. Take the time to find out all you can about the seller and read their reviews before making any payment.


Stay one step ahead of the fraudsters: learn good habits!

In the digital era, fraudsters are becoming increasingly creative, from fake online quiz games to phishing attempts.

Scammers will use any means available, including phone, post, email or the internet. Their scamming techniques are constantly changing and are ever more sophisticated.

Although we are doing everything in our power to ensure optimum security, it is vital that you learn good habits to protect yourself.

Remember

BIL will NEVER ask you, by SMS, email or phone:

  • For your LuxTrust login details and passwords (used in BILnet).
  • For your bank card PIN.
  • To confirm supposed "cancellations" of fraudulent transactions.

BIL will never send a courier to collect your cards and PINs.

The eight good habits you should adopt

1. Beware of fake calls that seem to come from BIL!

  • Scammers may copy our number to steal your sensitive data.

  • Be sceptical if anyone asks you for sensitive information (usernames, passwords, card details, etc.).

  • Hang up and try to call the person back on the official number.

2. Don't click on suspicious hyperlinks received by SMS or email!

You should also be suspicious of QR codes that could redirect you to a fake login page in order to harvest login details and/or passwords.

  • Also check the sender and do not authorise any downloads.

  • Never click on hyperlinks or QR codes received by SMS or email. Don’t download the attachments either.

3. Never share your login details or PINs!

  • Check the security and confidentiality of your access and PINs.

  • Never leave your login details lying around. Do not disclose your LuxTrust, BILnet or bank card PINs to third parties.

  • Never share your personal data with anyone else. Your bank will never ask you for this information!

4. Never download software remotely!

Never allow software to be installed remotely on your computer or smartphone when asked by someone you don't know (e.g. fraud via fake tech support).

5. Be wary when you are asked to make a credit transfer to a new beneficiary!

  • Take the time to check everything when making a credit transfer.

  • Check that the country and beneficiary account on the invoice or of the recipient are credible (e.g. the company and its bank are in the same country). Don't hesitate to contact the issuer of the invoice (on their official telephone number) to check that the beneficiary account is in fact correct (especially if you have recently received a notification informing you of a change in the account to be credited).

  • Stay alert!

6. Be vigilant if someone forces you to take action quickly!

This is one of the many tactics used by fraudsters to achieve their ends.

7. At the ATM: Shield your PIN and don’t let yourself be distracted.

How to protect yourself from ATM scams?

  • Never share your PIN – keep it strictly confidential.

  • Cover your PIN when entering it.

  • Stay focused – don’t let anyone distract you.

  • If your card is retained, block it immediately by calling (+352) 49 10 10 or via BILnet.

8. Monitor your direct debits, stop suspicious withdrawals.

A quick glance at your direct debits can save you a lot of trouble.

Fraudulent automatic withdrawals can sometimes be added without you being fully aware. To stay in control of your payments, we recommend checking your SEPA direct debits regularly.

How?

Log on to BILnet, then simply click on “Direct Debits” on your home screen.
You can:

  • View the list of active mandates

  • Block a mandate if you no longer want an organisation to debit your account

  • Request a refund for an unauthorised or disputed debit

A quick check means lasting security.

The different types of fraud

01. By phone - Vishing

Vishing (voice phishing) is the practice of stealing personal information by phone.

  • You might receive a call from someone pretending to be a BIL employee, who will tell you that a case of fraud has been identified.

  • The person will enlist your help to install an application that enables them to take control of your PC in order to fix the (fake) problem or confirm supposed "cancellations" of fraudulent transactions.

02. By SMS or email - Smishing & Phishing

Phishing (by email) is the practice of sending an email or SMS (smishing) with the intent of stealing personal information.

  • The fraudster will send you a message that looks as if it comes from a trustworthy body such as a bank, telephone provider, social security organisation, the postal service, etc.

  • You are asked to click on a link that redirects you to a fraudulent site (that looks like the original) where you will enter your data.

03. By QR code - Quishing

Quishing, or phishing by QR code, is the practice of fraudsters using QR codes to redirect victims to malicious websites to prompt them to download harmful content, or to redirect them to a fake login page in order to harvest login details and/or passwords.

04. Bank card based

In the event of fraud, immediately block the compromised cards, either directly using the BILnet app (see our card blocking tutorial), or through Worldline by calling (+352) 49 10 10.

Report the fraudulent transactions as quickly and with as much detail as possible to Worldline on (+352) 49 10 10.

05. Credit transfer based

A credit transfer scam (or fake supplier scam) is the practice of deceiving the victim by pretending to be a genuine creditor (e.g. a supplier, notary, lawyer or property owner).

  • The scammer's aim is to redirect a credit transfer to a bank account that they control.

  • Check for any pending transactions that you didn't initiate, and your standing orders or the list of your usual beneficiaries, to make sure that nothing has been set up without your knowledge.

  • In case of doubt, block your LuxTrust certificate: directly with LuxTrust, or through your bank. You can either temporarily suspend it or permanently block it.

06. Investment based

Investment fraud consists of offering a financial investment that guarantees extremely lucrative returns. You may be taken in by advertising on social media or via email and visit commercial sites that look very real and professional but are in fact fakes. They may be cryptocurrency exchanges, trading sites etc.

Don’t be taken in by offers that are too good to be true, as they are probably fake!

07. Identity theft by phone - Spoofing

Phone spoofing is a technique in which fraudsters display the real telephone number of a known institution, such as BIL.

The goal is to conceal the fraudster's real number and, above all, to inspire trust in the person called. The client recognises what appears to be the number of their bank or of the known institution (the displayed number is in fact identical to the real one) and feels that they can trust the caller.

08. Websites imitating BIL platforms (bil.com, BILnet)

Do not use Google (or any other search engine) for BILnet: the results that search engines offer may send you to a fraudulent website designed to scam you.

To avoid any problems:

Always check that the connection is secure and the destination URL is correct.

09. Theft by trickery at an ATM

Card Trapping:

Fraudsters insert a device into the card slot to trap your card. While you try to retrieve it, they observe your PIN. Once you leave, they retrieve the card and use it, along with your secret PIN code, for fraudulent transactions.

Cash Trapping:

A device is placed in the cash dispenser slot to trap the banknotes. You think the ATM didn’t dispense any money and walk away – the fraudsters then retrieve the trapped cash.

Distraction Scam:

While you enter your PIN, a fraudster watches over your shoulder. Then they distract you (e.g., by asking a question or dropping something), steal your card, and disappear.

10. Malware on Multiline

Fraudsters may attempt to install malware on your computer via malicious emails or links. Once installed, these spyware programs can steal your login credentials, passwords, and signature codes.

How to protect yourself:

  • Never leave your Smartcard connected to your computer!

  • Use double signature to validate transactions on Multiline.

  • Prefer LuxTrust Scan if double signature is not possible.

  • Install IBM Trusteer to strengthen your workstation’s security.

  • Access Multiline only via www.multiline.lu, never through a search engine.

  • Never open suspicious email attachments.

See all recommendations at multiline.lu/en/security-recommendations

Reminder: Neither BIL nor Multiline will ever ask for your credentials by email or phone.

11. Software installation

AnyDesk, TeamViewer, and other similar solutions are legitimate remote desktop tools, but scammers and hackers frequently misuse them to gain unauthorized access to victims' devices (e.g. computer, mobile).

This fraud scenario typically involves a social engineering scam where a malicious actor manipulates a victim into giving them remote control of their computer.

The step-by-step fraud process

  1. The Hook (Cold Call): The victim receives an unsolicited phone call, email, or pop-up alert from someone pretending to be from a reputable organization (e.g., Microsoft, a bank, or an internet provider). They claim the victim's device has been hacked or that the victim is owed an unexpected refund.

  2. The Manipulation: The fraudster creates a sense of urgency and instructs the victim to download and install a remote access tool like TeamViewer or AnyDesk to "fix the problem" or "process the refund".

  3. The Connection: The victim is persuaded to share their unique TeamViewer ID or AnyDesk ID and temporary session password, granting the scammer full access to their device.

  4. The Fraud Execution: Once inside, the scammer asks the victim to log into their online banking, temporarily blacks out the screen, and secretly transfers funds or changes payee details.

How to Protect Yourself?

  • Never grant access to strangers: Legitimate tech support or banks will never cold-call you and ask to remotely access your computer.

  • Never share your credentials: Do not share your TeamViewer ID and password with anyone you do not personally know and trust.

  • Verify the source: If you receive a suspicious call, hang up and independently verify the company's official contact information before calling them back.

What to do if this happens to you?

  • Disconnect Immediately: End the phone call and close the AnyDesk or TeamViewer application. Turn off your device's internet connection if you feel unsure.

  • Contact Your Bank: Immediately notify your bank's fraud department if you believe your financial information or account has been compromised.

  • Uninstall the App: Delete AnyDesk or TeamViewer from your device and run a full system virus scan using built-in or reputable security software.

  • Change Passwords: Change the passwords to any sensitive accounts (email, banking, social media) from a different, clean device.

  • Report the Incident: File a report with your local police.

12. President fraud

Friday at 6 PM, you receive a message from your financial manager: “I have an urgent matter for you because you are my trusted person here. Can you validate this payment for a consulting invoice? This payment must go out tonight absolutely!”

The payment in question is for an amount of 150,000 EUR to Panama.

You made the payment under pressure but realized too late that it was a fraud and that your financial manager's email had been hacked. You have been a victim of president fraud...

President fraud is essentially the act of a fraudster who seeks to impersonate a member of management, a manager, or a strategic partner by using urgency, psychological pressure, confidentiality, and especially supposed authority to obtain a fraudulent payment, a change of IBAN, or access to sensitive information.

Fraudsters often use the same modus operandi: they start with identity theft through hacking a communication channel (email, phone, WhatsApp, LinkedIn), psychological pressure is then exerted by insisting on confidentiality, followed by an unusual payment request or a change of IBAN.

Several signals should immediately alert you:

  • an urgent and unusual request from an executive,

  • an absolute demand for confidentiality,

  • a payment to a new beneficiary or a high-risk country,

  • a message received outside of usual hours, a slightly modified email address, or a request not to follow the usual procedure.

These elements often indicate an attempted fraud and should lead to immediate verification.

If any of these signals appear, take the time to verify the authenticity of the instruction, because doubt is allowed (i.e. call back to validate the instruction).

Do you believe that you have been a victim of fraud?

Monday to Friday • 8.30am to 6.00pm

Contact our Client Care Center

Evenings and weekends

Call our partner Worldline on


Permanently revoke your LuxTrust certificate

Do you wish to block your cards?

24/7

Contact our partner Worldline