Man
Professional
- Messages
- 3,222
- Reaction score
- 810
- Points
- 113
How do you tell the difference between a scammer and a real specialist when you call LastPass customer support?
LastPass is announcing a new social engineering campaign targeting its users through fake reviews on the Chrome Web Store.
Attackers publish false reviews on the LastPass application page, in which they urge users to call a fake number, offering supposedly technical support.
Reviews of fraudsters in the Google store (LastPass)
When calling the specified number, the operator asks what product there are difficulties with. This is followed by a series of questions about whether LastPass is used on a computer or mobile device, as well as the operating system version. The user is then redirected to the dghelp[.]site top, offering to stay on the line to have a dialogue with him and push him to interact with the site. As a result of such actions, the user's personal data may be compromised.
LastPass removes fake reviews and initiates the phishing site's blocking. At the moment, such reviews have only been found on the LastPass app page in the Google Chrome Web Store. It's important to keep in mind that these reviews contain the same text, although the names of the users who leave the reviews may change.
The company reminds that LastPass employees never ask users for their master password. For support, you must only contact through the official LastPass website. If there are doubts about the authenticity of a phone number or email, it is recommended that you submit a request through the company's official feedback channels and always exercise caution.
Source
LastPass is announcing a new social engineering campaign targeting its users through fake reviews on the Chrome Web Store.
Attackers publish false reviews on the LastPass application page, in which they urge users to call a fake number, offering supposedly technical support.
Reviews of fraudsters in the Google store (LastPass)
When calling the specified number, the operator asks what product there are difficulties with. This is followed by a series of questions about whether LastPass is used on a computer or mobile device, as well as the operating system version. The user is then redirected to the dghelp[.]site top, offering to stay on the line to have a dialogue with him and push him to interact with the site. As a result of such actions, the user's personal data may be compromised.
LastPass removes fake reviews and initiates the phishing site's blocking. At the moment, such reviews have only been found on the LastPass app page in the Google Chrome Web Store. It's important to keep in mind that these reviews contain the same text, although the names of the users who leave the reviews may change.
The company reminds that LastPass employees never ask users for their master password. For support, you must only contact through the official LastPass website. If there are doubts about the authenticity of a phone number or email, it is recommended that you submit a request through the company's official feedback channels and always exercise caution.
Source
