ING Luxembourg "Security Update" Phishing Scam
December 21, 2025
A new phishing email is targeting customers of ING Luxembourg, claiming to be an "Important Update" regarding the bank's security strategy.
The email states that ING has decided to focus on Personal and Private Banking and that, as part of this evolution, security measures are being reinforced.
The scam pressures you to act quickly, setting a deadline (e.g., December 27, 2025) to "update your web banking" by clicking a link to "Mon espace sécurisé". The message warns that this step is essential to ensure the continuity of services.
How to spot this phishing attack:
1. The Sender Address: This is the most obvious sign of fraud. The display name says "ING Luxembourg SA," but the actual email address is [email protected]. A "patient portal" email from a Belgian ISP (Scarlet) has absolutely no connection to a major bank in Luxembourg.
2. Spelling Mistake: The email opens with the greeting "Chèr(e) client(e)". In French, the masculine form is "Cher" (without an accent). The word "Chèr" with a grave accent does not exist. A professional communication from a major bank is always proofread and would never contain such a basic spelling error.
3. The Malicious Link: Hovering over the button "Mon espace sécurisé" reveals a suspicious URL shortener (like urlyte.com) or a non-ING link. A legitimate bank will never use a generic URL shortener for secure banking links; they will always link directly to their official domain (e.g., ing.lu).
4. Generic Greeting: The email addresses you as a generic "Client" instead of using your actual name. Banks typically use your full name in official security communications regarding your specific account.
If you receive this email, do not click any links. Delete it immediately. If you are unsure about a message from your bank, always log in by typing ing.lu directly into your browser or by using the official ING Banking app.
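The four signs above as an automated check, run over a constructed sample message (an added example, not code from the original article; the sender address, link path and finding labels are placeholders chosen for illustration):

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

OFFICIAL_DOMAIN = "ing.lu"   # official domain named in the article
SHORTENERS = {"urlyte.com"}  # shortener named in the article; extend as needed

# Constructed sample; the sender address and link path are placeholders.
SAMPLE = """\
From: "ING Luxembourg SA" <portal@isp.example>
Subject: Important Update
Content-Type: text/html; charset="utf-8"

<p>Chèr(e) client(e),</p>
<a href="https://urlyte.com/PLACEHOLDER">Mon espace sécurisé</a>
"""

def in_domain(host, domain):
    """True if host is the domain itself or one of its subdomains."""
    host = (host or "").lower().rstrip(".")
    return host == domain or host.endswith("." + domain)

def check_message(raw):
    """Return a list of finding labels for the four signs in the article."""
    msg = message_from_string(raw)
    body = msg.get_payload()
    findings = []
    display, addr = parseaddr(msg.get("From", ""))
    # Sign 1: display name claims the bank, address domain is unrelated.
    if "ing" in display.lower().split() and not in_domain(addr.rpartition("@")[2], OFFICIAL_DOMAIN):
        findings.append("sender-mismatch")
    # Sign 2: "Chèr" with a grave accent is not a French word ("Chère" is).
    if re.search(r"\bChèr\b", body):
        findings.append("misspelled-greeting")
    # Sign 3: links through a shortener, or to any host outside the bank's domain.
    for href in re.findall(r'href="([^"]+)"', body, re.I):
        host = urlparse(href).hostname
        if any(in_domain(host, s) for s in SHORTENERS):
            findings.append(f"shortener-link:{host}")
        elif not in_domain(host, OFFICIAL_DOMAIN):
            findings.append(f"off-domain-link:{host}")
    # Sign 4: generic salutation instead of the customer's name.
    if re.search(r"\bclient\(e\)", body, re.I):
        findings.append("generic-greeting")
    return findings

if __name__ == "__main__":
    print(check_message(SAMPLE))
```

An empty result does not prove a message is genuine, because the From header can be forged; the checks only surface the signs listed above.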