Our team would like to raise awareness to a recent LastPass phishing campaign affecting our customers.
This is related to the CryptoChameleon phishing kit which has been associated with crypto thefts (more information on this kit can be found here).
A cybercriminal can use these kits to create fake websites to steal passwords and other authentication data and either use these credentials themselves or sell them to other criminals.
Victims are directed to fake websites via phishing emails, SMS messages, or even direct phone calls (vishing).
What the bad actors are doing:
This campaign is now using “tickets-lastpass[.]com” as its primary phishing page and appears to have shifted primarily to texting (SMS messages) as the main point of contact.
Customers are also receiving a call from an 888 number claiming their LastPass account has been accessed from a new device and instructing them to press “1” to allow the access or “2” to block it. Pressing 2 will lead you to a bad actor attempting to gain access to your account.
Please contact the Databranch team immediately at 716-373-4467 x 4 or [email protected] if you receive correspondence related to your LastPass account.
comments powered by Disqus