PulseAugur
EN
LIVE 20:17:53

LastPass confirms new phishing campaign targeting user credentials

LastPass has confirmed a new phishing campaign targeting its users, which uses emails designed to look like official security alerts. These emails instruct recipients to click a link to accept updated security policies, leading them to a fake LastPass compliance website. The attackers have registered lookalike domains to impersonate LastPass and create a sense of urgency, warning that account access may be restricted if terms are not agreed to within 14 days. LastPass emphasizes that its own systems are unaffected and advises users not to enter credentials or click links from such emails, and to change their master password immediately if they have already done so on a phishing site. AI

IMPACT Phishing attacks continue to evolve, posing a persistent threat to user security and data integrity across digital platforms.

RANK_REASON This is a report about a phishing campaign targeting users of a password manager, not a release of new technology or a significant industry event.

Read on Forbes — Innovation →

AI-generated summary · Google Gemini · from 1 sources. How we write summaries →

LastPass confirms new phishing campaign targeting user credentials

COVERAGE [1]

  1. Forbes — Innovation TIER_1 English(EN) · Davey Winder, Senior Contributor ·

    LastPass Says ‘Do Not Enter Your Credentials’ As New Attack Confirmed

    LastPass users are being warned not to respond to a security alert email that looks like it comes from the password manager but is part of a credentials-stealing attack.