Security recommendations
Questions fréquemment posées
-
We recommend to protect your computer with a firewall, an antivirus program and an antispyware and to keep this software permanently up to date.
The letters 'https' at the beginning of the Internet address and a closed padlock icon indicate that the website is secure. Double clicking on the closed padlock enables you to check that the site’s certificate is valid. The certificate must show the holder, issuer and date of expiry.
The password is a key element of security; Spuerkeess recommends that passwords be changed regularly.
Please note that Spuerkeess never contacts its customers via email to ask for personal and confidential data. Please inform us of any such attempts by sending an email to sdi@spuerkeess.lu or by calling us on (+352) 4015-1.
To protect yourself against the various risks associated with using the Internet, we recommend you observe the following instructions:
- Update your operating system regularly.
- Install a firewall and anti-virus-software and keep them regularly updated.
- Never install or use an executable program if you do not know its exact source.
- Work using a limited rights user profile (often administrator rights are needed for spyware programs to be able to install themselves).
- Change your passwords regularly.
- Intrusive requests for personal data (e.g. password).
- Attractive proposals/nice promises (e.g. win an Ipad).
- Requests from strangers.
- Weird screens, strange phrasing, texts with typing errors.
In case of doubt...
For any questions relating to the security on the Internet, please contact our e-Banking Helpdesk: (+352) 4015-1 helpdesk.pai@spuerkeess.lu.
-
- Never disclose your confidential connection data to a third party.
- Avoid connecting to S-Net from an unknown workstation (in a cybercafé for example).
- Disconnect from S-Net at the end of every session by clicking on the “Logoff” button and close all windows in your browser.
- Remove your LuxTrust smartcard or signing stick from the reader or the USB port when you are not using it.
- Never use a Spuerkeess Internet address in an email link. Enter the address yourself, or save it in your favourites.
- Check that the security certificate is issued in Spuerkeess’s name by clicking on the padlock shown in the browser (under Internet Explorer, Mozilla Firefox, Safari under MacIntosh). This guarantees that you are connected with Spuerkeess via a secure connection.
-
Password (PIN) : You must memorise your password and take care not to write it on your bank card or any other media. You should not divulge it to any third party.
If you withdraw money through a bank ATM, following recent attempts at fraud using relatively sophisticated equipment (Skimming), you are advised to check that the equipment is functioning correctly.
- If you use your card on the Internet, take care to enter your card number only on credible or secure Internet sites (https://.....)
- Be wary of phishing
Spuerkeess will never ask you to provide your card security data or your LuxTrust certificate/token data. Do not share it with a third party under any circumstances.
Spuerkeess will never ask you to approve a transaction with your LuxTrust certificate/token.
If you have any doubt, hang up and immediately call Spuerkeess Direct on (+352) 4015-1. -
Various attempts at fraud with copies of bank cards produced using fairly sophisticated devices installed temporarily on cash machines (Skimming).
- a device to copy the magnetic strip of the card fitted in the slot where the card is inserted
- a mini-camera hidden in various enclosures and positioned so as to be able to record the secret code. Sometimes, another device is also placed on top of the numeric keypad to retrieve the secret code.
If you spot such a device on a cash machine, try to memorise as many details as possible, but do not carry out any transaction.
Move away from the machine and do not seek a confrontation with the criminals by trying to remove the device.
Find somewhere, where you can use your mobile phone discreetly or look for a telephone box to call SIX Payment Services on 49 10 10 (number available 24 hours a day, 7 days a week to block cards). -
The tactic employed by tricksters is to send an e-mail, SMS or make a phone call in the bank's name, in which they use a pretext (e.g.: technical breakdown, internal enquiry, etc.), to lure their victim to a fake website (normally designed in the bank’s house style colours), where the victim is asked to provide personal data such as: their Internet banking agreement number, password or credit card details, LuxTrust credentials, etc.
There is no limit to the ways in which phishers operate to achieve their ends.
How can I protect myself against phishing?
- Stay alert to e-mails, text messages as well as unsolicited calls or calls from unknown interlocutors.
- Never send any personal data (Internet banking agreement number, password, credit card details, etc.) in reply to an e-mail.
- Use preferably our S-Net Mobile application on your smartphone and tablet, or type https://bcee.snet.lu into your Internet browser.
- It is preferable to use LuxTrust Mobile for your transactions instead of the token. You will obtain more information about the transaction to be validated.
- Spuerkeess will never send an e-mail or SMS asking its customers to reveal personal data about themselves (Internet banking agreement number, password or credit card details, etc.).
- Spuerkeess will never send an unsolicited (or unrequested) non-encrypted e-mail or SMS containing an executable program to be installed on the customer's PC.
- Spuerkeess will never call its customers by phone in order to ask them to communicate their personal data.
- The S-Net site is authenticated by a digital certificate that has been issued on behalf of Spuerkeess. It is presented every time you log on.
If you think you have been the victim of such an attack – by having sent personal data about yourself to the sender of an e-mail – please block your agreement by selecting "Options - Block Agreement" in S-Net and contact us to obtain a new set of security documents.
We strongly advise you never to reveal personal data to a third party and in particular never to install an unsolicited program on your PC.
Useful links
Information Security Portal of the Luxembourg Government: nc3.lu
Website of the Antiphishing Working Group.
