LastPass warns of scam using fake email chains spoofing account hacking 'to draw attention and generate urgency' in users
Date:
Fri, 06 Mar 2026 12:05:00 +0000
Description:
What would you do if you could eavesdrop on an ongoing social engineering attack against your LastPass account?
FULL STORY ======================================================================
LastPass warns of phishing campaign targeting credentials
Attackers trick victims with fake support conversations
Malicious links mimic LastPass login pages
Popular password manager LastPass is warning customers about an ongoing phishing campaign aimed at obtaining their login credentials.
What makes this campaign unique is that victims are positioned as silent observers to an ongoing attack - being made to believe they're in a unique position to stop the attack, but only if they act fast. In a blog post outlining the campaign, LastPass noted the scam was designed "to draw attention and generate urgency in the mind of the recipient, a common tactic for social engineering and phishing emails."
LastPass infrastructure intact
In a classic phishing attack, the threat actors would impersonate LastPass, reach out to the targets, and claim their account needs securing. In the same email, they would offer a link where the targets can do that, but the link is malicious and relays the login credentials to the attackers.
In this new campaign, things are a little different. The victim is forwarded an email chain showing a conversation between LastPass customer support and alleged attackers. In the fake conversation, the attacker impersonates the victim and requests either that 2FA be removed or that the password be reset, and the customer support complies by sharing a link.
For the trick to work, the victim needs to believe they have the advantage, and that they can forestall the attack by resetting the password via the provided link themselves. But the link leads to a malicious landing page designed to look like the LastPass login site.
In the warning, LastPass says that its infrastructure is intact and that the emails are not coming from the company's email domain. Instead, the attackers are betting on victims not paying attention to the email address from which the messages are coming.
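The sender-address point above, as an added example (not code from LastPass or TechRadar): a Python check that flags a message naming the brand while its From header domain or its link hosts fall outside a trusted list. The trusted domain `lastpass.com`, the function names and the sample message are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlsplit

# Assumption: the brand's legitimate domains; adjust for your environment.
TRUSTED_DOMAINS = {"lastpass.com"}
BRAND = "lastpass"
URL_RE = re.compile(r"https?://[^\s<>\"')]+", re.IGNORECASE)

# Constructed sample: a forwarded "support conversation" from a look-alike sender.
SAMPLE = """\
From: LastPass Support <support@lastpass-help.example>
To: user@example.org
Subject: Fwd: Re: Request to remove 2FA from your account

---------- Forwarded message ----------
From: LastPass Support <support@lastpass.com>
We have processed the request. Reset here:
https://lastpass.com.login-reset.example/recover
"""


def is_trusted(host: str) -> bool:
    """True only for a trusted domain itself or a real subdomain of it."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in TRUSTED_DOMAINS)


def check_message(raw: str) -> list[str]:
    """Return findings for a message that names the brand from an untrusted origin."""
    msg = message_from_string(raw)
    # Only the outer From header counts; quoted headers in the body are just text.
    display, addr = parseaddr(msg.get("From", ""))
    from_domain = addr.rpartition("@")[2]
    body = "".join(p.get_payload() for p in msg.walk()
                   if p.get_content_type() == "text/plain")
    findings = []
    mentions_brand = BRAND in (display + msg.get("Subject", "") + body).lower()
    if mentions_brand and not is_trusted(from_domain):
        findings.append(f"brand named but sender domain is {from_domain!r}")
    for url in URL_RE.findall(body):
        host = urlsplit(url).hostname or ""
        if mentions_brand and not is_trusted(host):
            findings.append(f"link host {host!r} is not a trusted domain")
    return findings
```

A matching From domain is not proof of authenticity on its own, since the header can be forged; this check only catches the look-alike senders and link hosts the article describes.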
LastPass also said that the company will never ask its customers for their master password, and that they should never disclose it to anyone, anyway.
The company is now working to have the malicious landing pages removed as soon as possible. Victims who receive the phishing email are urged to reach out to LastPass.
======================================================================
Link to news story:
https://www.techradar.com/pro/security/lastpass-warns-of-scam-using-fake-email-chains-spoofing-account-hacking-to-spread-chaos
--- Mystic BBS v1.12 A49 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)