- LastPass warns of phishing campaign targeting credentials
- Attackers trick victims with fake support conversations
- Malicious links mimic LastPass login pages
Popular password manager LastPass is warning customers about an ongoing phishing campaign, aimed at obtaining their login credentials.
What makes this campaign unique is that victims are positioned as silent observers to an ongoing attack – being made to believe they’re in a unique position to stop the attack, but only if they act fast.
In a blog post outlining the campaign, LastPass noted the scam was dsigned to, “to draw attention and generate urgency in the mind of the recipient, a common tactic for social engineering and phishing emails.”
LastPass infrastructure intact
In a “classic” phishing attack, the threat actors would impersonate LastPass, reach out to the targets, and claim their account needs “securing”. In the same email, they would offer a link where they can do that, but the link is malicious and relays the login credentials to the attackers.
In this new campaign, things are a little different. The victim is forwarded an email chain showing a conversation between LastPass customer support and alleged attackers. In the fake conversation, the attacker impersonates the victim and requests either 2FA removed, or a reset to the password, and the customer support complies by sharing a link.
For the trick to work, the victim needs to believe they have the advantage, and that they can forestall the attack by resetting the password via the provided link themselves. But the link leads to a malicious landing page designed to look like the LastPass login site.
In the warning, LastPass says that its infrastructure is intact and that the emails are not coming from the company’s email domain. Instead, the attackers are betting on victims not paying attention to the email address from which the messages are coming.
LastPass also said that the company will never ask its customers for their master password, and that they should never disclose it to anyone, anyway. The company is now working to have the malicious landing pages removed, as soon as possible. Victims who receive the phishing email are urged to reach out to LastPass.
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.
https://cdn.mos.cms.futurecdn.net/c4QP7aaNUyPVDArLAi8iTT-1200-80.jpg
Source link
