Pay Attention: Hackers Are Targeting LastPass Users With Phishing Emails
If you’re a LastPass user, be on guard for phishing emails in your inbox. Hackers are launching waves of malicious messages impersonating the password manager.
LastPass this week warned users about the threat, saying the first wave of phishing emails began on Sept. 13. “Our customers began reporting a pervasive and convincing phishing campaign. The campaign had global reach and targeted a variety of sectors, including 87 of our own employees,” the company wrote in a blog post.
The phishing emails look like they're coming from LastPass, and ask the recipient to update their personal information immediately or risk having certain features deactivated. But in reality, the emails are fake and come from the domain “[email protected][.]th,” if you look closely.
Still, the phishing email looks convincing enough to potentially to trick some users into clicking a link embedded in the message. Doing so leads to a hacker-controlled login site at “customer-lastpass[.]su” that looks like it can steal any password and multi-factor authentication codes submitted to the portal.
The phishing emails also try to exploit the recent security struggles facing LastPass, which suffered a massive breach last year. The company has since been requiring users to reset their multi-factor authentication codes to bolster security across the platform.
Antivirus provider Malwarebytes initially warned the public about the phishing threat on Sept. 14. LastPass says it also partnered with PhishLabs to disrupt the attacks by requesting that website providers shut down the internet domains powering the phishing campaign.
“Unfortunately, the threat actors materialized again on September 19th when a similar subdomain for the credential phishing site was
Read more on pcmag.com
