Prevention & security

Fraud prevention

A fraud scenario is currently on the rise: fraudsters are using WhatsApp’s screen sharing feature to access victims’ banking information. This method allows them to see in real time what you are doing on your smartphone, including your access codes, login credentials and transactions.

President fraud: don’t blindly obey!

President fraud is, in practical terms, the act of a fraudster who seeks to pose as a member of senior management, a manager or a strategic partner by exploiting a sense of urgency, psychological pressure, confidentiality and, above all, a perceived position of authority in order to obtain a fraudulent payment, a change of IBAN or access to sensitive information.

Protect yourself from fraud when shopping online.

Secure Your Cards:

  • Never save your banking information on commercial websites.
  • In-store, enter your codes discreetly and avoid distractions.
  • Keep your code separate from your card.

Beware of Online Scams:

  • Stay away from offers that seem too good to be true!
  • Take the time to check user reviews.
  • React with caution: if an offer seems urgent, it’s often a scam.
  • Verify if the merchant site is the official brand site and not a look-alike.

Stay vigilant and make safe purchases!

Fraud may take the form of attempted phishing, vishing (voice phishing) or spoofing (identity theft).

Fraudsters have no scruples in impersonating BIL staff or employees of legitimate institutions (after stealing the telephone number of the bank or institution) to harvest data/login details and misuse them for fraudulent purposes.

Remember that BIL will never ask you for your data/login details.

BIL employees will never ask a courier to come and collect bank cards from your home.

Be careful when shopping on the web!

Be extra vigilant when faced with tempting offers on the Internet. Take the time to find out all you can about the seller and read their reviews before making any payment.

Stay one step ahead of the fraudsters: learn good habits!

In the digital era, fraudsters are becoming increasingly creative, from fake online quiz games to phishing attempts.

Scammers will use any means available, including phone, post, email or the internet. Their scamming techniques are constantly changing and are ever more sophisticated.

Although we are doing everything in our power to ensure optimum security, it is vital that you learn good habits to protect yourself.

Remember

BIL will NEVER ask you, by SMS, email or phone:

  • For your LuxTrust login details and passwords (used in BILnet).
  • For your bank card PIN.
  • To confirm supposed "cancellations" of fraudulent transactions.

BIL will never send a courier to collect your cards and PINs.

The eight good habits you should adopt

1. Beware of fake calls that seem to come from BIL!

  • Scammers may copy our number to steal your sensitive data.

  • Be sceptical if anyone asks you for sensitive information (usernames, passwords, card details, etc.).

  • Hang up and try to call the person back on the official number.

2. Don't click on suspicious hyperlinks received by SMS or email!

You should also be suspicious of QR codes that could redirect you to a fake login page in order to harvest login details and/or passwords.

  • Also check the sender and do not authorise any downloads.

  • Never click on hyperlinks or QR codes received by SMS or email. Don’t download the attachments either.

3. Never share your login details or PINs!

  • Check the security and confidentiality of your access and PINs.

  • Never leave your login details lying around. Do not disclose your LuxTrust, BILnet or bank card PINs to third parties.

  • Never share your personal data with anyone else. Your bank will never ask you for this information!

4. Never download software remotely!

Never allow software to be installed remotely on your computer or smartphone when asked by someone you don't know (e.g. fraud via fake tech support).

5. Be wary when you are asked to make a credit transfer to a new beneficiary!

  • Take the time to check everything when making a credit transfer.

  • Check that the country and beneficiary account on the invoice or of the recipient are credible (e.g. the company and its bank are in the same country). Don't hesitate to contact the issuer of the invoice (on their official telephone number) to check that the beneficiary account is in fact correct (especially if you have recently received a notification informing you of a change in the account to be credited).

  • Stay alert!

6. Be vigilant if someone forces you to take action quickly!

This is one of the many tactics used by fraudsters to achieve their ends.

7. At the ATM: Shield your PIN and don’t let yourself be distracted.

How to protect yourself from ATM scams?

  • Never share your PIN – keep it strictly confidential.

  • Cover your PIN when entering it.

  • Stay focused – don’t let anyone distract you.

  • If your card is retained, block it immediately by calling (+352) 49 10 10 or via BILnet.

8. Monitor your direct debits, stop suspicious withdrawals.

A quick glance at your direct debits can save you a lot of trouble.

Fraudulent automatic withdrawals can sometimes be added without you being fully aware. To stay in control of your payments, we recommend checking your SEPA direct debits regularly.

How?

Log on to BILnet, then simply click on “Direct Debits” on your home screen.
You can:

  • View the list of active mandates

  • Block a mandate if you no longer want an organisation to debit your account

  • Request a refund for an unauthorised or disputed debit

A quick check means lasting security.

The different types of fraud

01. By phone - Vishing

Vishing (voice phishing) is the practice of stealing personal information by phone.

  • You might receive a call from someone pretending to be a BIL employee, who will tell you that a case of fraud has been identified.

  • The person will enlist your help to install an application that enables them to take control of your PC in order to fix the (fake) problem or confirm supposed "cancellations" of fraudulent transactions.

02. By SMS or email - Smishing & Phishing

Phishing (by email) is the practice of sending an email or SMS (smishing) with the intent of stealing personal information.

  • The fraudster will send you a message that looks as if it comes from a trustworthy body such as a bank, telephone provider, social security organisation, the postal service, etc.

  • You are asked to click on a link that redirects you to a fraudulent site (that looks like the original) where you will enter your data.

03. By QR code - Quishing

Quishing, or phishing by QR code, is the practice of fraudsters using QR codes to redirect victims to malicious websites to prompt them to download harmful content, or to redirect them to a fake login page in order to harvest login details and/or passwords.

04. Bank card based

In the event of fraud, immediately block the compromised cards, either directly using the BILnet app (see our card blocking tutorial), or through Worldline by calling (+352) 49 10 10.

Report the fraudulent transactions as quickly and with as much detail as possible to Worldline on (+352) 49 10 10.

05. Credit transfer based

A credit transfer scam (or fake supplier scam) is the practice of deceiving the victim by pretending to be a genuine creditor (e.g. a supplier, notary, lawyer or property owner).

  • The scammer's aim is to redirect a credit transfer to a bank account that they control.

  • Check for any pending transactions that you didn't initiate, and your standing orders or the list of your usual beneficiaries, to make sure that nothing has been set up without your knowledge.

  • In case of doubt, block your LuxTrust certificate: directly with LuxTrust, or through your bank. You can either temporarily suspend it or permanently block it.

06. Investment based

Investment fraud consists of offering a financial investment that guarantees extremely lucrative returns. You may be taken in by advertising on social media or via email and visit commercial sites that look very real and professional but are in fact fakes. They may be cryptocurrency exchanges, trading sites etc.

Don’t be taken in by offers that are too good to be true, as they are probably fake!

07. Identity theft (spoofing) by phone - Spoofing

Phone spoofing: this is a technique used by fraudsters consisting of displaying the real telephone number of a known institution, such as BIL.

The goal is to conceal the fraudster's real number and, above all, to inspire trust in the person called. The client sees what appears to be the number of their bank or of the known institution (the displayed number is in fact identical to the real one) and feels that they can trust the caller.

08. Websites imitating BIL platforms (bil.com, BILnet)

Do not use Google (or any other search engine) for BILnet: the results that search engines offer may send you to a fraudulent website designed to scam you.

To avoid any problems:

Always check that the connection is secure and the destination URL is correct.

09. Theft by trickery at an ATM

Card Trapping:

Fraudsters insert a device into the card slot to trap your card. While you try to retrieve it, they observe your PIN. Once you leave, they retrieve the card and use it, along with your secret PIN code, for fraudulent transactions.

Cash Trapping:

A device is placed in the cash dispenser slot to trap the banknotes. You think the ATM didn’t dispense any money and walk away – the fraudsters then retrieve the trapped cash.

Distraction Scam:

While you enter your PIN, a fraudster watches over your shoulder. Then they distract you (e.g., by asking a question or dropping something), steal your card, and disappear.

10. Malware on Multiline

Fraudsters may attempt to install malware on your computer via malicious emails or links. Once installed, these spyware programs can steal your login credentials, passwords, and signature codes.

How to protect yourself:

  • Never leave your Smartcard connected to your computer!

  • Use double signature to validate transactions on Multiline.

  • Prefer LuxTrust Scan if double signature is not possible.

  • Install IBM Trusteer to strengthen your workstation’s security.

  • Access Multiline only via www.multiline.lu, never through a search engine.

  • Never open suspicious email attachments.

See all recommendations at multiline.lu/en/security-recommendations

Reminder: Neither BIL nor Multiline will ever ask for your credentials by email or phone.

11. Software installation

AnyDesk, SupRemo, TeamViewer, and other similar solutions are legitimate remote desktop tools, but scammers and hackers frequently misuse them to gain unauthorized access to victims' devices (e.g.: computer, mobile).

This fraud scenario typically involves a social engineering scam where a malicious actor manipulates a victim into giving them remote control of their computer.

The step-by-step fraud process

  1. The Hook (Cold Call): The victim receives an unsolicited phone call, email, or pop-up alert from someone pretending to be from a reputable organization (e.g., Microsoft, a bank, or an internet provider). They claim the victim's device has been hacked or that the victim is owed an unexpected refund.

  2. The Manipulation: The fraudster creates a sense of urgency and instructs the victim to download and install a remote access tool like TeamViewer, SupRemo or AnyDesk to "fix the problem" or "process the refund".

  3. The Connection: The victim is persuaded to share their unique TeamViewer ID, SupRemo ID or AnyDesk ID and temporary session password, granting the scammer full access to their device.

  4. The Fraud Execution: Once inside, the scammer asks the victim to log into their online banking, temporarily blacks out the screen, and secretly transfers funds or changes payee details.

How to Protect Yourself?

  • Never grant access to strangers: Legitimate tech support or banks will never cold-call you and ask to remotely access your computer.

  • Never share your credentials: Do not share your TeamViewer ID, SupRemo ID or AnyDesk ID and password with anyone you do not personally know and trust.

  • Verify the source: If you receive a suspicious call, hang up and independently verify the company's official contact information before calling them back.

What to do if this happens to you?

  • Disconnect Immediately: End the phone call and close the AnyDesk, SupRemo or TeamViewer application. Turn off your device's internet connection if you feel unsure.

  • Contact Your Bank: Immediately notify your bank's fraud department if you believe your financial information or account has been compromised.

  • Uninstall the App: Delete AnyDesk, SupRemo or TeamViewer from your device and run a full system virus scan using built-in or reputable security software.

  • Change Passwords: Change the passwords to any sensitive accounts (email, banking, social media) from a different, clean device.

  • Report the Incident: File a report with your local police.

12. President fraud

Friday at 6 PM, you receive a message from your financial manager: “I have an urgent matter for you because you are my trusted person here. Can you validate this payment for a consulting invoice? This payment must go out tonight absolutely!”

The payment in question is for an amount of 150,000 EUR to Panama.

You made the payment under pressure but realized too late that it was a fraud and that your financial manager's email had been hacked. You have been a victim of president fraud...

President fraud is essentially the act of a fraudster who seeks to impersonate a member of management, a manager, or a strategic partner by using urgency, psychological pressure, confidentiality, and especially supposed authority to obtain a fraudulent payment, a change of IBAN, or access to sensitive information.

Fraudsters often use the same modus operandi: they start with identity theft by hacking a communication channel (email, phone, WhatsApp, LinkedIn); psychological pressure is then exerted by insisting on confidentiality, followed by an unusual payment request or a change of IBAN.

Several signals should immediately alert you:

  • an urgent and unusual request from an executive,

  • an absolute demand for confidentiality,

  • a payment to a new beneficiary or a high-risk country,

  • a message received outside of usual hours, a slightly modified email address, or a request not to follow the usual procedure.

These elements often indicate an attempted fraud and should lead to immediate verification.

If any of these signals appear, take the time to verify the authenticity of the instruction (i.e., call back to validate the instruction). Doubt is allowed.

13. "Screen mirroring" fraud on WhatsApp

Beware of fake contacts! Scammers often pose as representatives of delivery companies or other service providers, asking you to share your screen. It's crucial to remember that no legitimate provider will ever ask you to do this. Your safety is our priority!

Here's how this type of scam often unfolds:

  1. Fake contact: The scammer calls you via WhatsApp, pretending to be a bank advisor or technical support.

  2. Creating a sense of urgency: They mention issues related to a purchase or a risk of hacking.

  3. Request for screen sharing: They encourage you to activate the sharing function to "resolve the issue."

  4. Access to sensitive data: Once your banking app is open, they can see your confidential information.

  5. Fraudulent transfers: The scammers can then carry out transactions without your knowledge.

Remember: No service provider will ask you to share your screen via WhatsApp, Teams, Zoom, or any other tool. Furthermore, they will never ask you to validate a code received by SMS to cancel a transaction or to install remote access software.

If you find yourself in such a situation, here are the right reflexes to adopt:

  1. Hang up immediately if someone asks you to share your screen.

  2. Disconnect your device from Wi-Fi or mobile data to cut off all access.

  3. Change your passwords from another uncompromised device.

  4. Never open your banking app during an unsolicited call.

  5. If you have the slightest doubt, contact your bank via official numbers and report any suspicious attempts.

  6. Perform a complete antivirus scan of your devices.

Always verify the identity of the caller through official channels. Serious companies never ask you to share your screen or provide one-time passwords, and they will never pressure you. If you feel a sense of urgency, don’t hesitate: hang up and take the time to verify.

Together, we can fight against fraud. Never share your screen with third parties, even if they claim to represent service companies. Your vigilance is our best defense.

Feel free to contact us with any questions or concerns. We are here to assist you.

Do you believe that you have been a victim of fraud?

Monday to Friday • 8.30am to 6.00pm

Contact our Client Care Center

Evenings and weekends

Call our partner Worldline on


Permanently revoke your LuxTrust certificate

Do you wish to block your cards?

24/7

Contact our partner Worldline