CYBERNEWSMEDIA Network:||
CYBERNEWSMEDIA
CYBERNEWSMEDIA

Cybersecurity News, Insights & Analysis

Latest
TrueConf Zero-Day Exploited in Asian Government Attacks
In Other News: ChatGPT Data Leak, Android Rootkit, Water Facility Hit by Ransomware
Critical ShareFile Flaws Lead to Unauthenticated RCE
Mobile Attack Surface Expands as Enterprises Lose Control
React2Shell Exploited in Large-Scale Credential Harvesting Campaign
AD · 970×250

Cybercrime

LastPass Users Targeted With Backup-Themed Phishing Emails

Threat actors may have wanted to take advantage of the holiday weekend in the United States to increase their chances of success. The post LastPass Users Targeted With Backup-Themed Phishing Emails appeared first on SecurityWeek.

Lastpass phishing

LastPass is warning customers about a new phishing campaign that involves emails advising targeted users to back up their vaults.

The phishing emails, which started circulating on or around January 19, have subject lines that reference maintenance and instruct recipients to create a backup of their vault.

The body of the email provides instructions for creating a backup and contains a link pointing to a phishing page designed to trick victims into handing over their master password. The phishing page is hosted on a fake LastPass domain.

“Please be advised that LastPass is NOT asking customers to backup their vaults in the next 24 hours; rather, this is an attempt on the part of a malicious actor to generate urgency in the mind of the recipient, a common tactic for social engineering and phishing emails,” LastPass warned.

The company also noted, “The timing of the campaign, which fell over a holiday weekend in the United States, is a common tactic among threat actors seeking to take advantage of reduced staffing under the assumption it will postpone detection and draw out response time.”

The password manager provider has shared indicators of compromise (IoCs) to help customers identify and block attacks. 

LastPass customers are regularly targeted by threat actors in phishing and other attacks. The company itself has also been targeted by hackers, including in attacks involving deepfakes

However, the most significant security failure remains the 2022 breach, in which attackers exfiltrated the encrypted vault data of millions of users. 

Fallout from that incident continues; TRM Labs reported in December that threat actors are successfully cracking stolen master passwords to access vaults and drain cryptocurrency wallets.

Related: FBI: North Korean Spear-Phishing Attacks Use Malicious QR Codes

Related: Complex Routing, Misconfigurations Exploited for Domain Spoofing in Phishing Attacks

Related: AI Is Supercharging Phishing: Here’s How to Fight Back

Related: Google Says Chinese ‘Lighthouse’ Phishing Kit Disrupted Following Lawsuit 

Latest News

CYBERNEWSMEDIAPublisher