- Phishing emails claim victims are dead to steal LastPass master passwords
- Fake page lastpassrecovery[.]com impersonates LastPass to harvest credentials and access keys
- CryptoChameleon group behind attack; targets include crypto wallets and passwordless logins
Scammers are trying to steal LastPass users' master passwords with a phishing email scheme that claims the account owner has died.
The password manager has a legacy feature: if someone proves that the account owner is dead and that they are the next of kin (or are otherwise entitled to access the account), LastPass can comply and hand the account over.
In the phishing emails, however, victims are told that someone has uploaded a death certificate confirming their passing and that, unless they act quickly, that person will be given access to their Vault (essentially an encrypted password storage database).
CryptoChameleon
“Acting quickly” means clicking a link and logging in to the LastPass account. However, those who rush to do so will not notice that the site they are logging in to is not LastPass but lastpassrecovery[.]com, a fraudulent landing page built only to harvest the login credentials of gullible people.
The threat actor behind this morbid campaign is called CryptoChameleon – they are a well-known hacking collective specializing in crypto theft.
In the past, the group has been seen targeting Binance wallets, Kraken, Gemini and other platforms using fake Okta, Gmail, iCloud and Outlook login landing pages and access keys.
Access keys are a passwordless authentication method that uses public key cryptography to verify a person’s identity without storing or entering a password. They are generally considered much more secure than passwords, and many of the world’s biggest tech companies have pushed to replace passwords with them entirely.
Of course, the best way to defend against the attack is to think before you click and be skeptical of any email that requires urgent action.
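As an added example (not part of the original article), the Python code below flags links in a message body whose hostname uses the LastPass name but is not lastpass.com or one of its subdomains, which is the pattern lastpassrecovery[.]com follows. The trusted-domain list, the function names and the sample message are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumption: the only registrable domain treated as genuine in this example.
TRUSTED_DOMAINS = {"lastpass.com"}
BRAND = "lastpass"

URL_RE = re.compile(r"https?://[^\s<>\"')]+", re.IGNORECASE)


def refang(text):
    """Undo common defanging (hxxp, [.]) so the URLs can be parsed."""
    text = re.sub(r"hxxp", "http", text, flags=re.IGNORECASE)
    return text.replace("[.]", ".").replace("(.)", ".")


def is_trusted(host):
    """True only for a trusted domain itself or a subdomain of one."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in TRUSTED_DOMAINS)


def suspicious_links(body):
    """Return hosts that contain the brand name but are not trusted."""
    flagged = []
    for url in URL_RE.findall(refang(body)):
        host = (urlsplit(url).hostname or "").lower()
        # Strip separators so variants such as "last-pass" also match.
        squashed = host.replace("-", "").replace(".", "")
        if BRAND in squashed and not is_trusted(host) and host not in flagged:
            flagged.append(host)
    return flagged


# Constructed sample message modelled on the lure described above.
SAMPLE_EMAIL = """\
A death certificate was uploaded for your account.
If this is a mistake, act now:
https://lastpassrecovery[.]com/cancel?case=0000
Help centre: https://support.lastpass.com/
Also seen: hxxps://lastpass.com.login.example/verify
"""

if __name__ == "__main__":
    for host in suspicious_links(SAMPLE_EMAIL):
        print("brand lookalike link:", host)
```

The check compares the full hostname suffix rather than searching for the brand string, so a host that merely begins with lastpass.com is still flagged.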
Via Bleeping Computer