We use cookies to enhance your experience. Basic cookies are essential for the proper working of this website. For example, they save your language preferences. They also help us gather anonymous information about the use of our site. More information in our Cookie Policy.
6 ways to avoid falling victim to phishing or smishing scams
Fraud carried out through phishing and smishing has become a common occurrence these days. Many of us are now inundated with e-mails and text messages containing fake internet addresses, telephone numbers to ring, or ever more tempting offers to catch us out. We have explained to you what phishing is – now we need to help you make sure you never fall into the trap!
Check the subject and sender of the e-mail or SMS
The majority of malicious messages contain a subject line similar to these:
- You've won the lottery
- Check your account
- Your request has been registered
- Please confirm your identity (even though you are not registered with the site)
- Incredible offers
- Repayment offers
The subject of the message, as well as its source, should be enough to set your alarm bells ringing and put you on your guard. If you receive a message from a brand or store which has never contacted you in the past, you should already be starting to wonder. If you are asked to confirm your registration on a website you have no recollection of using before, go no further and delete the message.
Identify phishing e-mails and smishing texts
Phishing e-mails can come in various forms. They frequently use the company's exact logo along with the signature of one or several important people from the organisation. They may also reproduce the layout and colours used in the company's official e-mails or on its website, for example.
Hackers even use phishing techniques to trick people who have already been scammed. They pretend to be a body which could help victims recover the money lost in the scam, directing the individual to a fictitious website designed to retrieve their personal log-in details or their cash.
The smishing message will typically ask you (usually with a sense of urgency) to click on a link to a website or call a phone number in order to verify, update or reactivate your account. The website link will lead to a bogus website and the phone number to a fraudster pretending to be from the legitimate company. The goal is to get you to disclose any information that can then help the fraudsters steal your money.
Do not click on links
Phishing e-mails and smishing texts generally contain links to fake web pages which are virtually identical to the genuine website. These fraudulent websites are used by scammers to gather your personal data, or to install spyware or malware on your computer system. So be very careful about which links you click on.
Make sure you always go directly to the company's own website, by entering its address into your browser. Do not "copy and paste" the link given in the e-mail or SMS into your browser. Fraudsters are able to create links which are identical to the address of the official website. These links direct you to an exact replica of the site. You must also avoid replying to fraudulent messages. Doing so could trigger a system which will let the fraudsters know your address is active, allowing them to continue using it for spam.
Secure websites
Ensure you always use a secure website when you need to enter confidential or sensitive information. To be absolutely sure you are using a secure web server, check that the address in your browser begins with "https://" and not with "http://". A small padlock should also appear somewhere close to the address. If, during connection, your browser displays a security alert indicating that the site is not a trusted site, you should avoid going any further, as it is likely the site has been hacked.
Increase your system security
Ensure your computer is secure by using effective programs and by carrying out regular updates. For example:
- Install a firewall, or improve your existing protection
- Maintain browser security by installing updates as soon as they are available
- Ensure your operating system is also up to date
- Use a recognised anti-virus software and update it regularly
- Use an anti-spam filter
- Use an anti-spyware program
- Delete cookies as often as possible
- Use the internet logged on as a user, rather than as an administrator
For more details regarding how to improve your system security, consult the experts at: https://www.bee-secure.lu
Where in doubt
If you think you may have fallen victim to a phishing or smishing scam, contact the company concerned immediately to find out if it was in fact the source of the message. If you contact the sender (the genuine company) by telephone, make sure you use the number listed in an telephone directory or the number given on its official website.
The company will take all the necessary steps, and will report the incident to the police. If you are the victim of a scam, it is important that you report it for your own benefit, but also to prevent others being affected in the same way.
12/21
-
Simplify your life with the LuxTrust Mobile application!
Since 2021, most banks and public administrations in Luxembourg will only use one authentication device for all their online services: the LuxTrust Mobile application.
-
LuxTrust: digital trust on a national scale
You've probably heard of LuxTrust. Like almost the entire population in Luxembourg and the majority of cross-border commuters, you may already be using it for your online banking or administrative procedures. But do you really know all its features for individuals? A short reminder in the following lines.
-
LuxTrust: beware of telephone scams!
We must remain vigilant and cautious! A new form of scam is currently causing havoc in Luxembourg, and has already been the subject of several complaints to the Grand Ducal police. Individuals posing as LuxTrust employees are attempting to commit phishing attacks by telephone.