LastPass is warning of a new phishing campaign disguised as a maintenance notification from the service, asking users to back up their vaults in the next 24 hours.
The malicious emails include a link that purportedly takes users to a site where they can create an encrypted backup; the attacker likely uses that site to hijack accounts or steal vault master passwords.
"Please be advised that LastPass is NOT asking customers to back up their vaults in the next 24 hours; rather, this is an attempt on the part of a malicious actor to generate urgency in the mind of the recipient, a common tactic for social engineering and phishing emails," LastPass warns.
The LastPass Threat Intelligence, Mitigation, and Escalation (TIME) team believes that the campaign started on January 19 and observed phishing messages delivered from email addresses of the type 'support@lastpass[.]server8' and 'support@sr22vegas[.]com' with the following subject lines:
LastPass Infrastructure Update: Secure Your Vault Now
Your Data, Your Protection: Create a Backup Before Maintenance
Don't Miss Out: Backup Your Vault Before Maintenance
Important: LastPass Maintenance & Your Vault Security
Protect Your Passwords: Backup Your Vault (24-Hour Window)
Crafted to appear as genuine LastPass communications, the emails say that users need to back up their vaults locally to secure their data due to an upcoming infrastructure maintenance.
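For mail triage, the sender addresses and subject lines listed above can be matched against raw messages. The following is an added example, not code from LastPass or from this article; the function names and the three sample messages are constructed for illustration. It normalises case, whitespace, apostrophes and RFC 2047 encoding so trivial variations of the reported subjects still match.

```python
import base64
import email
from email import policy
from email.utils import parseaddr

# Indicators as reported in the article (sender addresses are defanged there).
SENDERS = ["support@lastpass[.]server8", "support@sr22vegas[.]com"]
SUBJECTS = [
    "LastPass Infrastructure Update: Secure Your Vault Now",
    "Your Data, Your Protection: Create a Backup Before Maintenance",
    "Don't Miss Out: Backup Your Vault Before Maintenance",
    "Important: LastPass Maintenance & Your Vault Security",
    "Protect Your Passwords: Backup Your Vault (24-Hour Window)",
]

def norm(text):
    """Unify apostrophes, case-fold and collapse whitespace before comparing."""
    return " ".join(text.replace("\u2019", "'").casefold().split())

BAD_SENDERS = {s.replace("[.]", ".").casefold() for s in SENDERS}
BAD_SUBJECTS = {norm(s) for s in SUBJECTS}

def triage(raw):
    """Return which campaign indicators a raw RFC 5322 message (bytes) matches."""
    # policy.default decodes RFC 2047 encoded-words and unfolds headers.
    msg = email.message_from_bytes(raw, policy=policy.default)
    _, addr = parseaddr(str(msg.get("From", "")))
    hits = []
    if addr.casefold() in BAD_SENDERS:
        hits.append("sender")
    if norm(str(msg.get("Subject", ""))) in BAD_SUBJECTS:
        hits.append("subject")
    return hits

# Constructed samples (not real captured mail).
_b64 = base64.b64encode(
    "Don\u2019t Miss Out: Backup Your Vault Before Maintenance".encode()).decode()
SAMPLE_ENCODED = (f"From: LastPass <Support@SR22Vegas.com>\r\n"
                  f"Subject: =?utf-8?B?{_b64}?=\r\n\r\nbody\r\n").encode()
SAMPLE_RELAYED = (b"From: it-desk@example.org\r\n"
                  b"Subject: important:  LastPass maintenance &\r\n"
                  b" your vault security\r\n\r\nbody\r\n")
SAMPLE_BENIGN = b"From: alice@example.org\r\nSubject: Lunch on Friday?\r\n\r\nbody\r\n"

if __name__ == "__main__":
    for name in ("SAMPLE_ENCODED", "SAMPLE_RELAYED", "SAMPLE_BENIGN"):
        print(name, triage(globals()[name]))
```

A subject-only hit is worth reviewing on its own, since sender addresses are the easier indicator for a campaign to rotate.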