New phishing campaign hits LastPass, Bitwarden users


Criminals have been found impersonating popular password managers LastPass and Bitwarden online in an attempt to trick users into sharing their login credentials, and thus access to a treasure trove of passwords and other secrets.

LastPass recently issued a warning to its customers, raising awareness of the ongoing phishing campaign.

However the scam also now seems to have spread to other password managers, with Bitwarden customers also apparently being targeted.

Read more…
Source:  TechRadar News


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • Deep Analysis of Snake Keylogger’s New Variant

    August 28, 2024

    Fortinet’s FortiGuard Labs recently caught a phishing campaign in the wild with a malicious Excel document attached to the phishing email. Fortinet researchers performed a deep analysis on the campaign and discovered that it delivers a new variant of Snake Keylogger. Snake Keylogger (aka “404 Keylogger” or “KrakenKeylogger”) is a subscription-based keylogger with many capabilities. It ...

  • SMS scammers use toll fees as a lure

    August 27, 2024

    In April 2024, the FBI warned about a new type of smishing scam. Smishing is the term we use for phishing attacks sent via text message. This particular smishing scam tries to trick users into clicking a link by telling them they owe a “small amount” in toll fees. The scammers send a text claiming that ...

  • Tusk: unraveling a complex infostealer campaign

    August 15, 2024

    Kaspersky Global Emergency Response Team (GERT) has identified a complex campaign, consisting of multiple sub-campaigns orchestrated by Russian-speaking cybercriminals. The sub-campaigns imitate legitimate projects, slightly modifying names and branding and using multiple social media accounts to increase their credibility. In their analysis GERT researchers observed that all the active sub-campaigns host the initial downloader on Dropbox. ...

  • UK, US supervise Ukrainian scam call centers – Russian Interior Ministry

    August 15, 2024

    The special services of the United Kingdom and the United States control and supervise Ukrainian scam call centers, a spokesman for the Russian Interior Ministry said. “The most important thing is that they are fully controlled by the special services of Ukraine, the special services of the UK and the US. Remote thefts ...

  • Cyber attack on councils across Greater Manchester leaves thousands vulnerable to phishing scam

    August 14, 2024

    A cyber attack on councils across Greater Manchester has left thousands of residents vulnerable to a phishing scam. The attack, which initially hit one borough last week and spread over the weekend, on software company Locata downed the housing websites for Manchester, Salford and Bolton councils. It has also led to thousands of users being sent ...

  • Ongoing Social Engineering Campaign Refreshes Payloads

    August 12, 2024

    On June 20, 2024, Rapid7 identified multiple intrusion attempts by threat actors utilizing techniques, tactics, and procedures (TTPs) that are consistent with an ongoing social engineering campaign being tracked by Rapid7. The initial lure being utilized by the threat actors remains the same: an email bomb followed by an attempt to call impacted users and offer ...