Latest Threat: CNS "National Security Card Expiration" Phishing Scam

A new phishing campaign is targeting residents in Luxembourg, impersonating the CNS (Caisse Nationale de Santé).

The email informs the recipient that their national security card is arriving at its expiration date. It urges the user to "renew the card as soon as possible" to continue benefiting from social security rights. This tactic uses a false sense of urgency and the threat of losing essential health benefits to trick the user into clicking a malicious button.

How to spot this phishing attack:

1. The Sender Address is Fraudulent: Although the display name claims to be from a "dossier arriving at expiration," the actual email address is [email protected], sent via an Amazon SES technical address. Neither of these has any connection to the official @cns.lu or @secu.lu domains.

2. The Malicious Link: Hovering over the "Renouveler ma carte" (Renew my card) button reveals a link pointing to public-renew.com. This is a fraudulent domain registered by scammers. The official portal for social security procedures in Luxembourg is always through MyGuichet.lu or the official cns.lu website.

3. Suspicious Subject Line: The subject "Support Carole Reckinge" is highly suspicious.

If you receive this email, do not click any links. Delete it immediately. You can check the validity of your social security card by looking at the date printed on the physical card.