Be aware of common threats
- Phishing emails – these messages will often ask you to respond ‘urgently’ with click-through links or may ask you to provide personal information.
- Smishing (SMS Phishing) – these are fraudulent texts purporting to be from your bank or other services with the aim of tricking you into downloading malware, sharing sensitive information or sending money to cyber criminals.
- Social engineering – this is a tactic where scammers may impersonate bank staff or family members and encourage you into taking unsafe actions such as divulging personal information, clicking on web links or opening attachments that may be malicious.
- Fake banking apps and websites – cyber criminals create lookalike apps or websites in order to steal your credentials.
- Search engine poisoning – cyber criminals may use this tactic to make their malicious websites rank higher in online searches than legitimate sites.
- Malvertising – the practice of incorporating malware into online advertisements.
DOs and DON’Ts
✅ DO
- Use strong, unique passwords or passphrases for your banking and email accounts.
- Enable two-factor authentication (2FA) wherever possible – by doing this you make it significantly more challenging for attackers to gain access, even if they have stolen your password.
- Think before you click, including web search results; if something feels wrong, trust your instincts and don’t click through.
- Keep all your devices and applications updated.
- Be wary of ‘urgent’ requests prompting you to take ‘immediate action’.
- Report any suspicious banking activity to FundBank immediately.
- Always log out of all user sessions from a computer or mobile device.
- Only download mobile applications from trusted sources.
- Be cautious of public Wi-Fi.
❌ DON’Ts
- Don’t share your PINs, passwords, or verification codes with anyone.
- Don’t click on links in unsolicited emails or messages.
- Don’t use public Wi-Fi for accessing your bank account.
- Don’t ignore software updates or security warnings.
- Don’t assume messages from ‘FundBank’ are genuine without verification.
- Don’t use untrusted sources for the FundBank eBanking login page (e.g. login page found via Google search).
- Never click ‘unsubscribe’ from unknown email sources – just mark as SPAM.
Useful learning resources
Websites:
- Cyberfraud.lu (Luxembourg)
- National Cybersecurity Portal (Luxembourg)
- Secure Our World | CISA (U.S.)
- Cybersecurity Alerts & Advisories | CISA (U.S.)
- Cyber Security – Cayman Islands Bankers Association (Cayman Islands)
Further support and contacts
If you suspect fraud or have any questions about your account security, you can reach out directly to your Relationship Manager or contact us here.