Latest Threat: LuxTrust "Verify-26" Security Audit Phishing Scam

A highly sophisticated phishing campaign is currently targeting LuxTrust users in Luxembourg. The email is designed to look like a formal "Security Bulletin" (LTS-2026-01) issued following a supposed annual security audit on January 1st, 2026.

The message claims that your account access has been "proactively suspended" as part of a security protocol named "Verify-26." It provides a detailed timeline of events to create a sense of legitimacy and urgency, pressuring you to click an "official" button to reactivate your account immediately.

How to spot this phishing attack:

1. The Sender Address is Deceptive: While the display name says "LuxTrust," the actual email address is [email protected]. Additionally, the email was sent through an Amazon SES relay. Official LuxTrust communications will always originate from the @luxtrust.lu domain.

2. The Malicious Link: The "ACCÉDER AU PORTAL DE VÉRIFICATION" button points to the fraudulent domain https://luxemburg-id.com/. Always check that the URL in your browser is https://luxtrust.com.

3. The High-Pressure Timeline: The email includes a fake "Chronology" stating that a security audit was performed just hours ago. This is a social engineering tactic intended to panic the recipient into following the instructions without pausing to verify the source.

4. Unexpected Security Terms: The scam refers to a "Verify-26" protocol. Cybercriminals often invent technical-sounding names for their fake protocols to sound more authoritative and intimidating.

If you receive this email, do not click any links. Delete it immediately. If you are concerned about your account status, always log in manually via the official LuxTrust Mobile app or by typing https://luxtrust.com directly into your browser.