Phishers seduce BNP Paribas customers with lottery winnings in emails

MX Lab,, started to intercept a new phishing campaign by email where phishers attempt the BNP Paribas customers to seduce with lottery winnings.

The email is sent from the spoofed email address “BNP PARIBAS FORTIS <>” with the subject “PRIJS WINNER – NATIONALE-LOTERIJ.BE – REKENING UPDATE”.

The body of the email:



Geachte klant,

BNP PARIBAS FORTIS is een van sponsors en dat maakt u (uw rekening) automatisch lid van
Volgens BNP PARIBAS FORTIS en database heeft uw rekening recht op €35,000.00 (vijf en dertig duizend euro), maar uw rekening is nog niet gekoppeld aan onze nieuw beveiliging update. Dit toekenningsprogramma is voor zowel BNP PARIBAS FORTIS persoon en bedrijf rekeningshouders.

Om u prijs te eisen,


Vul de lijst van vragen volledig in en contact wordt met u opgenomen binnen 24 uur door een van onze medewerkers voor een beveiliging update. De gesprek zullen streng over beveiliging updaten, zorg dat u meewerkt, er wordt geen vragen gesteld over u prijs, geef verder ook geen informatie over uw prijs aan niemand.

Wacht tot u gebeld wordt, anders geef uw informatie aan de verkeerd persoon of afdeling.

Mevr. V. Schroons (BNP PARIBAS FORTIS)
Mevr. J. Geben (

The body of the email states that BNP Paribas Fortis is one of the sponsors of the organisation National Lottery  Belgium (who is responsible for lottery games) and that each bank customers is a member of this organisation.

According to BNP Paribas Fortis and the National Lottery  Belgium, the receiver of this email has a right to claim the 35.000 euros but in order to claim the price, the user need to connect their bank account to the new security update. The user is requested to fill in a short web from at hxxp:// with some personal details (see screenshot).

All the submitted details are processed by the web page bnp.php. After that, the user is forwarded to an official web page of BNP Paribas Fortis with some information regarding the Isabel security system.

As stated in the email, after submitting the requested details, a co-operator will take contact by phone within 24 hours. Striking is that in the email there is the recommendation not to talk to other persons regarding the email or regarding the price that you will receive. Full cooperation is requested when you are called and you have to wait until you have receive the phone call, you could give some else valuable information.

MX Lab recommends not to go along with such kind of emails and to ignore the emails. It is uncommon that bank account owners have a chance to win a large amount of money.