PhishingWe highlight current phishing threats and provide guidance on how to detect them.
URGENT Sales confirmation 2022-08-02
The threat actor leverages an HTML file, attached in the e-mail, to acquire the password of the recipient’s e-mail address.
Attackers try to collect personal information and debit or credit card information
Re: Hëllef Desk 2022-07-22
Attacker trying to collect Microsoft Exchange credentials
Adresse incomplète ou erronée 2022-07-12
Attacker trying to steal personal information and VISA/Mastercard information
Attackers trying to steal credit card information, Luxtrust credentials and one-time password (OTP) token
Attackers targeting Société Générale customers trying to steal bank account information
Manchester Contract document 03894 Order 2022-06-21
Attackers trying to steal OneDrive credentials by impersonating an air conditioning servicing and maintenance and fire sprinkling company
Threat actors trying to steal credit card information and Luxtrust token by using a Foyer.lu phishing theme
Colis XXXXXXXXX n'a pas pu être livré 2022-06-14
The threat actor leverages a fake GLS phishing theme, to steal personal identifiable information and credit card numbers.
RE: bureau d'aide 2022-06-10
Threat actors trying to steal Microsoft Exchange credentials
PreventionIf you are uncertain about the authenticity of an email, do not hesitate to contact the entity that seems to have sent you the email using a safe communication manner, using the phone for example (no phone number from the untrusted email must be used in order to verify the authenticity).
If you are working for the Luxembourgish government or are using any of the GOVCERT.LU services, it is important to forward phishing emails to us (using Reporting an incident or the Outlook button). This will allow us to take down phishing websites and protect members of our constituency.