Latest Threat: LuxTrust "Suspicious Login" Phishing Alert

A new phishing campaign is targeting LuxTrust users with a highly alarming security alert. The fraudulent email claims that a "suspicious connection" has been detected on your account, specifically originating from Beijing, China.

The email uses a realistic security alert template, including details like a fake IP address (116.233.145.78) and device type (Windows PC - Chrome 121) to create fear and urgency. It pressures the recipient to click a button labeled "Ce n'était pas moi" (It wasn't me) to secure their account.

How to spot this phishing attack:

1. Fraudulent Sender Address: While the display name says "LuxTrust," the actual email address is [email protected]. Additionally, the technical return path shows it was sent via an Amazon SES server in South Korea, which is not an official LuxTrust communication channel.

2. Malicious Link: The "Ce n'était pas moi" button does not lead to the LuxTrust website. Instead, it points to lxt.elegensia.com. Cybercriminals often use legitimate-sounding subdomains on unrelated websites to host their phishing pages.

3. Fear-Based Social Engineering: By claiming a connection occurred in a distant location like Beijing, scammers hope to trigger an emotional response, causing the victim to act quickly without verifying the sender or the URL.

4. Missing Personalization: Despite claiming to be a high-priority security alert, the email does not address the user by their name.

If you receive this email, do not click any links. Delete it immediately. If you want to login on Luxtrust, always go directly to luxtrust.com or use the official LuxTrust Mobile app.