LastPass has alerted users about a social engineering campaign targeting customers through fraudulent 5-star reviews on the Chrome Web Store. Hackers are posting fake reviews for the LastPass Chrome extension, promoting a bogus customer support phone number to steal user data. When users call this number, they are connected to scammers impersonating LastPass representatives who attempt to gather personal information and direct callers to a suspicious website. The company is actively working to remove fake reviews and take down phishing websites. LastPass reminds users that they will never ask for master passwords and advises customers to only use official support channels. This scam follows previous cyberattacks on LastPass in 2022 that resulted in data and source code theft. Author: AlienVault
Related Tags:
lastpass
chrome web store
password management
T1592.004
T1584.001
T1583.001
T1598
social engineering
T1102
Associated Indicators:
null