We highlight current phishing threats and provide guidance on how to detect them.

Avis de sécurité 2022-09-02

Threat actors targeting customers of a bank in order to steal bank account credentials

vous ne pouvez plus utiliser nos services 2022-09-01

Attackers impersonating luxembourgish insurance company in order to steal credit card information

Lëtzebuerger Journal-25/08/2022 2022-08-25

Threat actors try to collect credentials.

Paypal themed phishing 2022-08-23

The threat actor leverages a fake Paypal phishing theme to steal credit card numbers and Paypal login credentials.

Remboursement en attente (1). 2022-08-19

Threat actors try to collect credit cards, Luxtrust OTP codes and credentials.

Incoming call Voice Recieved 2022-08-06

Attackers trying to steal e-mail credentials

URGENT Sales confirmation 2022-08-02

The threat actor leverages an HTML file, attached in the e-mail, to acquire the password of the recipient’s e-mail address.


Attackers try to collect personal information and debit or credit card information

Re: Hëllef Desk 2022-07-22

Attacker trying to collect Microsoft Exchange credentials

Adresse incomplète ou erronée 2022-07-12

Attacker trying to steal personal information and VISA/Mastercard information


If you are uncertain about the authenticity of an email, do not hesitate to contact the entity that seems to have sent you the email using a safe communication manner, using the phone for example (no phone number from the untrusted email must be used in order to verify the authenticity).
If you are working for the Luxembourgish government or are using any of the GOVCERT.LU services, it is important to forward phishing emails to us (using Reporting an incident or the Outlook button). This will allow us to take down phishing websites and protect members of our constituency.

Report an incident

If you wish to report an incident anonymously, please complete the PGP encrypted reporting form.

> Report
> More Information