ACL (Phishing)

Explanation

The objective of this phishing campaign is to gather personal data and credit card information.

The domain used in this campaign (myacl[.]lu) impersonates the legitimate acl.lu domain.
The phishing message claims that the user’s ‘Pass ACL’ is about to expire.

On the first page, the user is asked to enter personally identifiable information such as name, email address and date of birth.
On the following page their postal address and phone number are collected.
Credit card information and LuxTrust credentials are phished on the following two pages.
When clicking on ‘Retourner au site ACL’ on the final confirmation page, the user is redirected to the legitimate ACL page.
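The lookalike pattern described above (the brand label `acl` with an extra prefix, as in myacl[.]lu) can be flagged in mail or proxy logs. The following is an added example, not GOVCERT.LU code; the `PROTECTED` table, the function names and the sample URLs are assumptions constructed for illustration.

```python
import re

# Assumption: protected brand label -> its legitimate registrable domains.
PROTECTED = {"acl": {"acl.lu"}}

def refang(indicator: str) -> str:
    """Turn a defanged indicator (hxxps://myacl[.]lu/x) into a bare hostname."""
    v = indicator.strip().lower().replace("[.]", ".").replace("(.)", ".")
    v = re.sub(r"^[a-z]+://", "", v)  # drop the scheme (http, https, hxxp, ...)
    return re.split(r"[/:?#]", v, maxsplit=1)[0].rstrip(".")

def registrable(host: str) -> str:
    """Naive registrable domain: the last two labels. Assumption: good enough
    for .lu; multi-label suffixes (co.uk) need the Public Suffix List."""
    return ".".join(host.split(".")[-2:])

def classify(indicator: str) -> str:
    """Return 'legitimate', 'lookalike:affix:<brand>' or 'unrelated'."""
    domain = registrable(refang(indicator))
    if any(domain in legit for legit in PROTECTED.values()):
        return "legitimate"
    label = domain.split(".")[0]
    for brand in PROTECTED:
        # Brand used as prefix or suffix of a different registrable domain.
        # Short brands cause false positives: treat a hit as a triage signal.
        if label.startswith(brand) or label.endswith(brand):
            return f"lookalike:affix:{brand}"
    return "unrelated"

# Constructed sample of URLs as they might appear in mail or proxy logs.
SAMPLE = [
    "https://www.acl.lu/fr/",
    "hxxps://myacl[.]lu/pass/renew",
    "https://example.org/news",
]

def flagged(urls):
    """Hostnames from `urls` that imitate a protected brand."""
    return [refang(u) for u in urls if classify(u).startswith("lookalike")]

if __name__ == "__main__":
    for u in SAMPLE:
        print(f"{classify(u):<22} {u}")
```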

Example

[Screenshots of the phishing pages: page1, page2, page3, page4, page5]

Prevention

If you are uncertain about the authenticity of an email, do not hesitate to contact the entity that seems to have sent it through a safe communication channel, for example by phone (do not use any phone number from the untrusted email to verify its authenticity).

If you are working for the Luxembourgish government or are using any of the GOVCERT.LU services, it is important to forward phishing emails to us (using Reporting an incident or the Outlook button). This will allow us to take down phishing websites and protect members of our constituency.
