Security information

Do you think you may have been the victim of an Internet scam ?
write to us

Protect your computer

Install an Internet security software program (antivirus, firewall, etc.).
Check your computer with your Internet security software regularly.
Only install reliable programs (downloaded from reputable websites or bought from reputable companies, etc.).
Keep [your computer], Internet browser and Internet protection software updated.
Protect and secure sensitive documents saved on your computer.
Secure your modem or your router with a password.

Behave carefully on the Internet.

Be very careful with unknown websites and do not visit them if you have any doubts.
Avoid downloading files from the Internet (public forums, peer-to-peer networks, etc.), most of today’s viruses are transmitted this way.
Do not open any emails from unknown senders and have those containing an attached file analysed by your Internet protection software.
Only communicate your email address for your private and business correspondence, and to trusted third-parties such as your bank.
Watch out for messages coming from your bank: some hackers falsify electronic addresses claiming they are your bank. With help of an Internet link contained in the email, they try to redirect you to counterfeit websites to extort confidential information from you.
Read error and warning messages carefully.
Do not use poorly or unsecured wireless connections (wireless network) for your bank operations.

Only use secure websites for your financial or confidential operations

Theoretically the address of a secure Internet site begins with "https", the "s" standing for "secure".
The certificate activates the green address bar in the latest versions of highly secure Web browsers and SSL TRUE 128-bit certificates are validated each time you visit the eKBL site and you benefit from the most reliable SSL transmitted data encryption currently available.

Protecting your authentication means

Being sure that the bank will never ask you to transmit your access codes by email or by telephone and any such request would therefore indicate an attempt at fraud that you should report to us immediately

Before opening a session with your bank

Close all open programmes.
Always access the secure application in person by clicking on the usual icon on your desktop that was set during the installation of the application or by typing the Internet site address yourself without using the hyperlink that may be stated in any email.
Launch your browser and do not open any other site or program.
Avoid using your favourites, any link contained in an email or link offered on another Internet site to access the bank's site.
Type the https://ekbl.kbl.lu address
Never access eKBL through other entry points : search engine, Internet address contained in an email whoever the sender is...

During the session with the bank

Check the Internet address and make sure that it always starts with https://ekbl.kbl.lu and that a padlock appears on your browser (sign of a secure Internet session) as well as the green address bar.
Read all error messages carefully and contact our UCI & Global Custody department or your client relationship manager should you have any doubts.

Confidentiality

We do not send any confidential information via emails
KBL epb never attaches any dangerous documents (programme, screen saver, etc.) to its emails.

Phishing

Phishing is a technique used by cyber criminals claiming they are financial or big companies by sending you fraudulent emails, obtaining passwords of bank accounts or credit card numbers to misappropriate funds.

E-mail Phishing
If emails look suspicious, if they ask for your password or a secret code, do not click on the links.
These emails do not come from KBL epb. Do not reply to them and never divulge your secret code.

Phone phishing
A person receives a phone call from someone who claims to be an employee of his bank. The caller states that, due to technical problems, the account of the person called will be closed if he does not provide certain personal information such as his user name and his password.

Trojan Horse
An internet user’s computer is infected by a virus. This virus is activated when a bank's site is visited and it records the keystrokes so that they can be transmitted automatically to criminals.

How does KBL epb protect its clients ?
KBL epb has implemented the following arrangements for protection
To authenticate himself on the website, the user must use not only his USER ID and password, but also a cryptocard.
Once a challenge has been issued on the eKBL website, it cannot be reissued by anyone, thereby limiting the risk of identity theft.
KBL epb never uses email to update its clients’ data. Our clients should therefore be suspicious of any unsolicited email claiming to be from KBL epb and asking them to provide their personal contact details and/or password. In addition, KBL epb advises its clients to enter the address https://ekbl.kbl.lu themselves and not to use a link contained in an email message.
KBL epb has an electronic certificate that you can check to determine if you are, in fact, connected to the bank's site. This certificate must be issued and validated by Verisign