Select your location:

Location

Select your language:

Important Security Notice

Notice of Recent Fraudulent Email Activities Targeting KUKA Stakeholders. Misuse of the Identities of KUKA executives.

01 March 2026

KUKA has identified recent cases of fraudulent email activity in which external attackers attempted to impersonate members of the KUKA organization. Since early February 2026, several partner companies have reported receiving fake emails claiming to originate from KUKA executives, including CEO Christoph Schell. Although these messages appeared to come from legitimate kuka.com email addresses, they were not sent through KUKA’s IT systems.

 

Following a comprehensive cyber security investigation, there is no indication that KUKA’s internal systems have been compromised. Instead, attackers appear to be using publicly available information to impersonate KUKA executives in an effort to deceive external recipients.

 

KUKA encourages all external partners, customers, and other stakeholders to remain vigilant and aware of these attempted fraud activities.

How to Recognize Suspicious Emails

Fraudulent messages reported in this context commonly include:

  • Unspecific or unexpected procurement proposals
  • Unusual requests for payments or changes to account information
  • Urgent demands framed as confidential matters
  • Unexpected to download documents
  • Messages sent from private, non-corporate, or unofficial email accounts

    Anyone interacting with KUKA-related communication is advised to carefully verify the legitimacy of emails containing such elements.

Recommended Security Measures

To reduce the risk of spoofed emails being delivered, organizations are encouraged to ensure that:

  1. DKIM, DMARC, and SPF validation is properly configured, enabled, and enforced.
    These mechanisms significantly reduce the likelihood that fraudulent emails can pass through security filters.
  2. Whitelisting rules for the kuka.com & kuka.news domain do not override essential DMARC checks.
    Even trusted domains should not bypass authentication controls.

What to Do if a Suspicious Email Is Received

Any message that appears unusual or raises suspicion — especially if it claims to come from KUKA executives — should not be replied to and no instructions should be followed. Instead, recipients are encouraged to contact their known KUKA representatives through established communication channels to verify authenticity.

KUKA’s Ongoing Commitment to Security

KUKA is sharing this information to raise awareness and support the protection of ongoing business relationships. While no action beyond increased vigilance and proper email-security configuration is required, maintaining awareness is essential to preventing fraudulent activities.
KUKA remains committed to safeguarding communication integrity and supporting partners and customers in identifying and handling suspicious messages.