- LastPass warns of phishing campaign targeting credentials
- Attackers deceive victims with fake support conversations
- Malicious links imitate LastPass login pages
Popular password manager LastPass is warning customers of an ongoing phishing campaign aimed at obtaining their login credentials.
What makes this campaign unique is that victims are positioned as silent observers of an attack in progress – they are made to believe that they are in a unique position to stop the attack, but only if they act quickly.
In a blog post describing the campaign, LastPass noted that the scam was intended to “grab attention and generate urgency in the recipient’s mind, a common tactic for social engineering and phishing emails.”
LastPass infrastructure intact
In a “typical” phishing attack, the threat actors pretend to be LastPass, contact the targets and claim that their account needs to be “secured.” The same email offers a link for doing so, but the link is malicious and passes the login information to the attackers.
In this new campaign, things are a little different. The victim receives an email chain showing a conversation between LastPass customer support and the suspected attackers. In the fake conversation, the attacker poses as the victim and requests either 2FA removal or a password reset, and customer support complies by sharing a link.
For the trick to work, the victim must believe that they have the advantage and can prevent the attack by resetting the password themselves via the link provided. But the link leads to a malicious landing page designed to look like the LastPass login site.
In the warning, LastPass says its infrastructure is intact and the emails are not coming from the company’s email domain. Instead, attackers are banking on victims not paying attention to the email address the messages are coming from.
LastPass also said that the company would never ask its customers for their master password and that they should never disclose it to anyone anyway. The company is now working to remove malicious landing pages as soon as possible. Victims who receive the phishing email are advised to contact LastPass.
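The sender-address and link checks described above can be automated at a mail gateway or in a triage script. The following is an added example, not code from LastPass or the original article; it assumes `lastpass.com` is the legitimate domain, and the function names and sample messages are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlsplit

TRUSTED_DOMAIN = "lastpass.com"  # assumption: the vendor's legitimate domain
BRAND = "lastpass"

def in_domain(host, domain):
    """True only for the domain itself or a genuine subdomain of it."""
    host = host.lower().rstrip(".")
    return host == domain or host.endswith("." + domain)

def check_message(raw):
    """Return findings for mail that invokes the brand from outside its domain."""
    msg = message_from_string(raw)
    display, addr = parseaddr(msg.get("From", ""))
    sender_host = addr.rpartition("@")[2]
    if BRAND not in (display + " " + msg.get("Subject", "")).lower():
        return []  # message does not claim to involve the brand
    findings = []
    if not in_domain(sender_host, TRUSTED_DOMAIN):
        findings.append(f"sender domain {sender_host} is not {TRUSTED_DOMAIN}")
    body = "".join(
        part.get_payload(decode=True).decode("utf-8", "replace")
        for part in msg.walk() if part.get_content_maintype() == "text")
    for url in re.findall(r"https?://[^\s<>]+", body):
        host = urlsplit(url).hostname or ""
        if not in_domain(host, TRUSTED_DOMAIN):
            findings.append(f"link host {host} is not under {TRUSTED_DOMAIN}")
    return findings

# Constructed samples (not taken from the campaign); .example is a reserved TLD.
PHISH = """\
From: LastPass Support <help@support-desk.example>
Subject: Fwd: Re: Request to remove 2FA

> Customer: please reset my master password.
> Support: done, use https://lastpass.login-reset.example/verify
"""
LEGIT = """\
From: LastPass <no-reply@lastpass.com>
Subject: Security notice

Details: https://blog.lastpass.com/notice
"""
if __name__ == "__main__":
    for name, raw in (("PHISH", PHISH), ("LEGIT", LEGIT)):
        print(name, check_message(raw))
```

The suffix comparison in `in_domain` is what rejects hosts that merely contain the brand name, such as a brand label placed in front of an unrelated domain.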




