With the development of digital technologies, cybercrime targets everyone, from private individuals to large corporates. The goal of fraudsters is simple – to steal your money and/or your personal data. To these ends, fraudsters are constantly evolving their attack techniques; these are sophisticated and multi-formed and continuously taking advantage of current events, such as the remote working environment. It is therefore of utmost importance that you remain vigilant and act with caution.

At Swissquote, the security of our clients is a high priority. For this reason, we provide below an overview of the most common scams and the main recommendations on how to protect yourself and prevent them, along with security guidance for your payments.

• Unsolicited email/SMS
• Being under pressure to act
• Claims of instant returns or high yield with no risk
• Bad spelling /grammar or clumsy expressions
• Unusual layout
• Email address or URL (website address) manipulated
• A link without the letters “https” at the beginning of the URL and without a closed padlock icon means that the website in unsecure
• The email contains a file extension such as .pif, .com, .bat, .exe, .vbs, .Ink

If you are not sure about a message, call or email you have received, report it.

Do not reply and never click any links or attachments to a questionable message. Contact the company or the individual through a trusted channel, using contact details you have or are publically available, not those on the suspicious message.

If it is related to your bank account, please contact phishing.lu@swissquote.lu.

We also recommend you to modify immediately the password you use to access your accounts if you think you've responded to a phishing email or SMS, or connected through a fake website. Do not hesitate to contact us for further security measures.

We are constantly reviewing the ways we protect our customers online or when they are in contact with our Customer Care.

We protect you by:

• Using encryption. We always use industry-standard encryption to protect your online transaction and data to safeguard your account from any unauthorised access.
• To authenticate you by Strong Customer Authentication (SCA) based on mobile phone authentication as an extra layer of protection. So you can only access your account once you have successfully authenticated yourself. Similarly, to make payment instructions you also need to confirm your instruction on the Swissquote mobile application.
• Creating secure online sessions. When you log in to your Swissquote account you are said to be in a secure session. You know you are in a secure session if the URL address begins with https://www.swissquote.com/en-lu and a padlock symbol appears at the top of the page as part of the address bar.
• Using session timeouts. If you forget to log off after banking online or your computer remains inactive for a period of time during a session, our systems automatically log you off.
• Implementing automatic lockouts. After a number of incorrect attempts to log in, the online access to your account is disabled. You should contact our Customer Care center to reactivate it.
• Informing you about some operations that may be unusual on your account

Swissquote will never ask you:

• to reveal personal data about yourselves (login, passwords, L3 card, personal or banking information) through an e-mail or text message
• to connect to websites that are not endorsed by Swissquote
• to call us on a new telephone number
• to make a cash transfer to a safe account or a new bank account (payment instructions can be verified on your online account at any time), nor hand over cash
• to carry out a "test" transaction online
• to take quick decisions or respond under pressure, especially through unsolicited messages
• to download an attachment or to install software or let anyone remotely log on to your computer or other devices either during or after a call
   

Swissquote will also never:

• send someone to your home to collect cash, bank cards or for any other financial interactions
• provide banking services through any mobile apps other than the Bank's official apps

Online bank payments with Swissquote

• Always connect via www.swissquote.com/en-lu
• Use two-factor authentication method
  Swissquote offers you secure internet banking account which is compliant with the legal requirements for Strong Customer Authentication (SCA) based on mobile phone authentication.
• Never log into your bank account from a foreign or public computer and ensure you properly log out of your account.
• Monitor regularly your bank account statements and report to our Customer Care any illegitimate operations without delay.

What is Level 3 code?

In order to provide a supplementary security layer to access your account, we provide a Level 3 code, either physical or electronic, that you’ll need to enter after your password. 

Physical Level 3 Card
Downloaded on your online account

Electronic Mobile Level 3
Code sent to your smartphone

Always keep your Level 3 Card in a safe place and ensure that nobody can access it. Otherwise, use the Mobile Level 3 code function following this procedure.

What is the two-factor authentication process?

Our two-factor authentication process verifies your identity, by requiring two passcodes in order to access your Swissquote account:

A passcode you know:
your account password

A passcode you receive:
your Level 3 code

This allow us to guarantee the upmost security for your Swissquote account, so your money and personal data are as invulnerable as it gets. 

Please follow these simple steps to safeguard your personal data:

1. Do not disclose your log in and/or private information (to third parties or online). Do not leave documents like ID documents, account statements, bills in an unsecure place.
2. Always use your personal Swissquote secure mailbox.
3. Visit the Swissquote website by typing www.swissquote.com/en-lu in your browser. Do not "copy and paste" links provided in e-mails or text messages into your browser, neither use the web search engine function which may redirect you to fake websites.
4. Never be rushed into anything, wait 5 minutes and reflect on what is being asked.

5. Increase your system security. Secure your computer with effective security programs with regular updates. For example:

   - Install a firewall

   - Keep your operating system and web browser up to date and set up with automatic updates so you don’t miss out on important security patches. Most browsers have built-in protection against phishing and will notify you if you open a fraudulent website

   - Use a recognised anti-virus software and update it regularly

   - Use an anti-spam and anti-spyware programs

   - Delete cookies, browser history and cache as often as possible

6. Do not share your computer or mobile phone and take precautions when using a shared or open-access computer (internet café, hotel lobby…) or wifi hotspot. Always log out of your session using the buttons or hyperlinks provided and close the browser.

7. Make your password more secure.

   - Keep them to yourself. Do not write it down

   - Vary them

   - Make them hard to guess. Combine capital and lowercase letters with numbers and special characters to create strong passwords

   - Change them regularly

8. Learn to spot scams and what Swissquote will never ask you.
9. Update your latest and valid personal details with the bank, such as mobile phone number to ensure correct correspondence for change confirmations when suspicious transactions appear.
10. If you suspect that your statement or account details have been stolen or compromised, please contact us immediately to report the case. Report also any suspicious email links, attachments or websites associated with Swissquote to us at phishing.lu@swissquote.lu.

The website https://www.bee-secure.lu, supported by the Luxembourg government and providing useful information and recommendations, will help you to use the Internet responsibly and safely.