
I got a text from a Polish number to a link which reads that I have some tax refunds to collect and they need my bank details. The look of the website is pretty much like the guichet.public site.
Is it legit?
Image attached.

8 comments
If you have to ask…
Yes, it’s a scam.
Scam. It’s the wrong website and they let you know by written letter if you have to pay or to receive money
It’s very much NOT legit. Why would you think the tax office would text you from a Polish number, to a website that is not the actual guichet site, and need more than your bank account from your tax declaration to send money to you???? And why would you ever have to choose your bank to log in with luxtrust on myguichet?
Edit: and on top of that a 24 hour delay. Yeah … suuuure. The more I look at it, the worse it gets.
Looks like a scam
1. Why would the Luxembourg government use a Polish phone number?
2. Why would the Luxembourg government use a “live” TLD? As opposed to a “.lu” TLD
3. If you are actually entitled to a tax refund, it’s **NOT TIME-LIMITED**
4. The government wouldn’t be telling you “GUICHET a calculé”
5. You need to provide your bank details when filing your tax returns. They have them on file
6. If you are entitled to a refund, then they send you a “décompte” by mail showing how much you’ll get and that it will be wired
7. If they can’t make the payment, then they’ll let you know in writing. Again by mail
Imma stop here so as not to encourage scumbags to improve on their shoddy work… Rot in hell, scammers.
One of the best ways to spot scams is by knowing a little about URLs. guichet-online.live rings alarm bells immediately!
As a brief explanation, URLs are made up of:
[protocol][subdomain(s)].[domain].[top level domain]/[stuff you can ignore]
So, for http://www.google.lu/doodles
– http:// is the protocol, any bank or site needing security will use https
– www is the subdomain (you can safely ignore this, but there can be more than one)
– Google is the domain. It is important to check that this is correct as far as the establishment you’re contacting. Scammers try to pick things that seem similar so be very careful, e.g. guichet-online vs the real guichet.public.lu*
– .lu is the top level domain, this is important to check as legit establishments tend to use recognised TLDs such as .lu, .co.uk, .gov etc.
– doodles can be ignored – it tells the server which ‘directory’ to look in, scammers put realistic sounding stuff here to enhance their credibility.
* actually we now know guichet.public.lu is the guichet subdomain on the public server in the lu top level domain.
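The URL breakdown in the comment above can be turned into an automated check. This is an added example, not part of the original comment; it assumes `guichet.public.lu` is the only official host (the one named in the thread), and every sample link other than the `guichet-online.live` host is constructed.

```python
from urllib.parse import urlsplit

# Assumption: the only host treated as official is the one named in the thread.
OFFICIAL_DOMAINS = {"guichet.public.lu"}

def split_url(url):
    """Return (scheme, host, path); host is lower-cased with any port removed."""
    parts = urlsplit(url.strip())
    host = (parts.hostname or "").rstrip(".")
    return parts.scheme.lower(), host, parts.path

def is_official(url, official=OFFICIAL_DOMAINS):
    """True only for https URLs whose host is an official domain or a subdomain of it."""
    scheme, host, _ = split_url(url)
    if scheme != "https" or not host:
        return False
    # Match whole labels from the right-hand end of the host name, so
    # "guichet-online.live" and "guichet.public.lu.example.live" cannot
    # pass as "guichet.public.lu".
    return any(host == d or host.endswith("." + d) for d in official)

def explain(url):
    """Break a link into the parts described in the comment, plus a verdict."""
    scheme, host, path = split_url(url)
    return {
        "protocol": scheme,
        "host": host,
        "tld": host.split(".")[-1] if host else "",
        "ignored_path": path,
        "official": is_official(url),
    }

# Constructed sample links (paths are made up for illustration).
SAMPLES = [
    "https://guichet.public.lu/fr.html",
    "https://guichet-online.live/refund",
    "https://guichet.public.lu.example.live/login",
    "https://example.live/guichet.public.lu/",
    "http://guichet.public.lu/",
]

if __name__ == "__main__":
    for link in SAMPLES:
        print(explain(link))
```

Only the first sample passes: the others fail on the TLD, on the official name appearing as a leading subdomain or in the path, or on the protocol.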
Please report the sms and website to the government for takedown
https://www.circl.lu/report/