We highlight current phishing threats and provide guidance on how to detect them.

URGENT Sales confirmation 2022-08-02

The threat actor leverages an HTML file, attached in the e-mail, to acquire the password of the recipient’s e-mail address.


Attackers try to collect personal information and debit or credit card information

Re: Hëllef Desk 2022-07-22

Attacker trying to collect Microsoft Exchange credentials

Adresse incomplète ou erronée 2022-07-12

Attacker trying to steal personal information and VISA/Mastercard information

Attention, votre certificat LuxTrust expire bientôt | Attention, votre certificat LuxTrust arrive bientôt à expiration | Achtung : Das Zertifikat für Ihr LuxTrust läuft soon ab ; 2022-07-07

Attackers trying to steal credit card information, Luxtrust credentials and one-time password (OTP) token

E-DOC-S001245226G022 2022-06-29

Attackers targeting Société Générale customers trying to steal bank account information

Manchester Contract document 03894 Order 2022-06-21

Attackers trying to steal OneDrive credentials by impersonating an air conditioning servicing and maintenance and fire sprinkling company

votre facture a été prélevé 2 fois (ref:#642-9389) 2022-06-15

Threat actors trying to steal credit card information and Luxtrust token by using a phishing theme

Colis XXXXXXXXX n'a pas pu être livré 2022-06-14

The threat actor leverages a fake GLS phishing theme, to steal personal identifiable information and credit card numbers.

RE: bureau d'aide 2022-06-10

Threat actors trying to steal Microsoft Exchange credentials


If you are uncertain about the authenticity of an email, do not hesitate to contact the entity that seems to have sent you the email using a safe communication manner, using the phone for example (no phone number from the untrusted email must be used in order to verify the authenticity).
If you are working for the Luxembourgish government or are using any of the GOVCERT.LU services, it is important to forward phishing emails to us (using Reporting an incident or the Outlook button). This will allow us to take down phishing websites and protect members of our constituency.

Report an incident

If you wish to report an incident anonymously, please complete the PGP encrypted reporting form.

> Report
> More Information