Explanation
The goal of this phishing campaign is to steal LuxTrust credentials.
The distribution method is unknown since only the phishing domain was discovered by us.
The domain, impersonating LuxTrust, claims that the user information needs to be updated.
It then provides different steps, leading the user to disclose their information.
After selecting their bank, they are redirected to a fake login page of the corresponding online banking portal, where their LuxTrust credentials are finally stolen.
All these steps are taking place on pages under the malicious domain ‘informations-luxtrust[.]com’ .
Example