Latest Threat: LuxTrust "Banking Ban" Information Update Scam

A highly aggressive multi-stage phishing campaign is targeting users in Luxembourg, combining psychological pressure with comprehensive data harvesting. The attack begins with an email impersonating LuxTrust, claiming that an urgent update of personal information (email, phone number, and physical address) is required to secure operations. To force a quick reaction, the scammers warn that failure to comply could result in a "banking ban" (interdiction bancaire).

This campaign is technically sophisticated, using a multi-step "Full Info" (Fullz) harvesting kit that targets customers of nearly every major bank in the country.

How the Scam Works:

1. Fraudulent Origin: The email is sent from a compromised educational domain in the Philippines ([email protected]) and uses a URL shortener (urls.fr) to mask the malicious destination .

2. Multi-Bank Impersonation: The landing page allows the victim to "Choose your bank," featuring official logos for Spuerkeess, BIL, ING, Raiffeisen, BGL BNP Paribas, Banque de Luxembourg, POST, and Deutsche Bank.

3. Identity Harvesting: The site requests the victim's full name, phone number, email, physical address, and date of birth.

4. Credential Theft: It presents a fake Luxtrust portal for the selected bank to capture User IDs and passwords.

5. Financial Theft: Finally, it demands full debit/credit card details, including the 16-digit card number, expiry date, and CVV security code.

If you receive this email, do not click any links. LuxTrust and your bank will never threaten you with a "banking ban" via email to solicit your credit card details or password. Delete the message immediately.