NEWS "Give me your master password, or we'll delete everything!" How hackers are targeting LastPass users.

pinkman

We explain why in this game of nerves, the one who rushes loses.
LastPass has warned of a new phishing campaign in which unknown individuals attempt to gain access to users' master passwords. The attack is disguised as a service notification from LastPass and is aimed at stealing data from password vaults.

Fake emails began being sent around January 19th. They allegedly mention upcoming maintenance, requiring account owners to create a local copy of their storage within 24 hours. The subject line uses language designed to raise alarm and urge immediate action, including calls to urgently protect data or not miss the opportunity to make a backup before upgrading the infrastructure.

The purpose of these emails is to redirect recipients to a fake page requesting a master password. The user is first redirected to a subdomain of Amazon cloud storage, which then redirects them to a domain that mimics the official LastPass website. The company emphasizes that it never requests a master password from its customers and does not require urgent action, especially with a time limit.

The emails are reportedly being sent from multiple addresses, including "support@lastpass[.]server8" and similar ones, impersonating LastPass's internal servers. The company's team is currently working with other organizations to block the infrastructure used by the attackers.

Phishing attacks rely on creating a sense of urgency—this technique is considered one of the most common and effective in such schemes. LastPass representatives urge users to remain vigilant and continue reporting suspicious incidents.

This incident is the latest in a series of attempts to attack the service's users. Last year, the company reported on macOS malware distributed through fake GitHub repositories. At that time, the attackers disguised the malicious apps as LastPass and other popular tools.
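
For defenders triaging reported mail, the traits described above (a LastPass-branded sender on a foreign domain, a deadline-driven subject, and a link to Amazon cloud storage acting as a redirector) can be checked mechanically. The following is an added example, not part of the original post and not LastPass tooling; it assumes `lastpass.com` is the legitimate domain and that "Amazon cloud storage" means S3-style hosts under `amazonaws.com`, and both sample messages are constructed.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

OFFICIAL = {"lastpass.com"}  # assumption: the vendor's legitimate domain
URGENCY = re.compile(r"\burgent\w*|\bimmediately\b|within 24 hours", re.I)
# assumption: "Amazon cloud storage" means S3-style hosts under amazonaws.com
S3_HOST = re.compile(r"(^|\.)s3[.-]([\w-]+\.)*amazonaws\.com$", re.I)

def is_official(host):
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in OFFICIAL)

def triage(raw_email):
    """Return the indicator names that fire for one RFC 5322 message."""
    msg = message_from_string(raw_email)
    findings = []
    display, addr = parseaddr(msg.get("From", ""))
    if "lastpass" in (display + addr).lower() and not is_official(addr.rpartition("@")[2]):
        findings.append("brand_in_sender_but_foreign_domain")
    # All leaf parts; transfer-encoded (base64/QP) bodies are not decoded here.
    body = "\n".join(str(p.get_payload()) for p in msg.walk() if not p.is_multipart())
    if URGENCY.search(msg.get("Subject", "") + "\n" + body):
        findings.append("urgency_or_deadline")
    for url in re.findall(r"https?://[^\s\"'<>]+", body):
        host = urlparse(url).hostname or ""
        if S3_HOST.search(host):
            findings.append("link_to_cloud_storage_redirector")
        elif "lastpass" in host and not is_official(host):
            findings.append("lookalike_link_domain")
    return findings

# Constructed samples (not real campaign messages).
PHISH = """From: LastPass Support <support@lastpass.server8.example>
Subject: Urgent: back up your vault before infrastructure maintenance

Create a local copy of your vault within 24 hours:
https://constructed-bucket.s3.us-east-1.amazonaws.com/backup.html
"""
LEGIT = """From: LastPass <no-reply@lastpass.com>
Subject: Your monthly security report

Review your dashboard at https://lastpass.com/
"""

if __name__ == "__main__":
    print(triage(PHISH))
    print(triage(LEGIT))
```

Any single finding is only a triage hint; the combination of a foreign sender domain with a deadline and a storage-hosted link is what matches the campaign as reported.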