- LastPass warns of a phishing campaign targeting login information
- Attackers trick victims with fake support calls
- Malicious links mimic LastPass login pages
Popular password manager LastPass is warning customers about an ongoing phishing campaign aimed at obtaining their login information.
What makes this campaign unique is that victims are cast as silent observers of an attack in progress: they are led to believe they are in a position to stop it, but only if they act quickly.
In a blog post outlining the campaign, LastPass noted that the scam was designed “to attract attention and generate urgency in the mind of the recipient, a common tactic of social engineering and phishing emails.”
LastPass infrastructure intact
In a “classic” phishing attack, the threat actors would impersonate LastPass, reach out to the targets and claim their account needs to be “secured.” In the same email, they would include a link where the target can supposedly do so, but the link is malicious and forwards the login credentials to the attackers.
In this new campaign, things are a little different. The victim is forwarded an email chain that shows a conversation between LastPass customer support and alleged attackers. In the fake conversation, the attacker poses as the victim and requests either the removal of 2FA or a password reset, and customer support complies by sharing a link.
For the trick to work, the victim must believe that they have the advantage and that they can prevent the attack by resetting the password themselves via the provided link. But the link leads to a malicious landing page designed to look like the LastPass login site.
In the warning, LastPass says its infrastructure is intact and that the emails are not coming from the company’s email domain. Instead, the attackers are betting that victims will not notice the email address the messages come from.
LastPass also said that the company will never ask its customers for their master password, and that they should never reveal it to anyone anyway. The company is now working to have the malicious landing pages removed as soon as possible. Victims who receive the phishing email are encouraged to contact LastPass.
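The two checks a recipient or mail filter can apply to this lure, sender domain and link host, are shown here as an added example that is not from LastPass or the original article. It assumes lastpass.com is the only trusted domain; the sample message and its .example hosts are constructed.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumption: the only domain treated as legitimate for this check.
TRUSTED_DOMAIN = "lastpass.com"
BRAND = "lastpass"

# Constructed sample message; addresses and hosts are invented (.example).
SAMPLE = """\
From: LastPass Support <support@lastpass-helpdesk.example>
To: user@corp.example
Subject: Fwd: Re: Request to remove 2FA from your account

---------- Forwarded message ----------
We have processed the request. Reset the password here:
https://lastpass.login-verify.example/reset
Account settings: https://lastpass.com/
"""

def in_trusted_domain(host: str) -> bool:
    """True only for the trusted domain itself or one of its subdomains."""
    host = host.lower().rstrip(".")
    return host == TRUSTED_DOMAIN or host.endswith("." + TRUSTED_DOMAIN)

def triage(raw: str) -> list[str]:
    """Return reasons a message that uses the brand looks like impersonation."""
    msg = message_from_string(raw)
    findings = []
    display, addr = parseaddr(msg.get("From", ""))
    sender_host = addr.rpartition("@")[2]
    uses_brand = BRAND in (display + addr + msg.get("Subject", "")).lower()
    if uses_brand and not in_trusted_domain(sender_host):
        findings.append(f"sender domain {sender_host} is not {TRUSTED_DOMAIN}")
    for url in re.findall(r"https?://[^\s<>\"']+", msg.get_payload()):
        host = (urlparse(url).hostname or "").lower()
        if BRAND in host and not in_trusted_domain(host):
            findings.append(f"lookalike link host {host}")
    forwarded = re.search(r"forwarded message|^subject:\s*fwd?:", raw, re.I | re.M)
    topic = re.search(r"2fa|password reset|reset the password", raw, re.I)
    if forwarded and topic:
        findings.append("forwarded thread about 2FA removal or password reset")
    return findings

if __name__ == "__main__":
    for reason in triage(SAMPLE):
        print(reason)
```

The domain test compares whole labels, so a host that merely contains or ends with the brand string is still flagged.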



