New phishing campaign hits LastPass, Bitwarden users


Criminals have been found impersonating popular password managers LastPass and Bitwarden online in an attempt to trick users into sharing their login credentials, and thus access to a treasure trove of passwords and other secrets.

LastPass recently issued a warning to its customers, raising awareness of the ongoing phishing campaign.

However the scam also now seems to have spread to other password managers, with Bitwarden customers also apparently being targeted.

Read more…
Source:  TechRadar News


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • Spam and phishing in Q3 2021

    November 1, 2021

    This summer and early fall saw some major international sporting events. The delayed Euro 2020 soccer tournament was held in June and July, followed by the equally delayed Tokyo Olympics in August. Q3 2021 also featured several F1 Grand Prix races. There was no way that cybercriminals and profiteers could pass up such a golden ...

  • Office 365 Phishing Campaign Uses Kaspersky’s Amazon SES Token

    November 1, 2021

    A surge in spearphishing emails designed to steal Office 365 credentials were rigged to look like they came from a Kaspersky email address. In spite of coming from sender addresses such as [email protected], nobody at Kaspersky sent the phishing emails, the security company said in an advisory issued on Monday. Rather, the emails were sent with ...

  • Phishing-as-a-service operation uses double theft to boost profits

    September 22, 2021

    Microsoft says BulletProofLink, a large-scale phishing-as-a-service (PhaaS) operation it spotted while investigating recent phishing attacks, is the driving force behind many phishing campaigns that have targeted many corporate organizations lately. The threat actor behind BulletProofLink (also known as BulletProftLink and Anthrax) provides cybercriminals with various services, ranging from selling phish kits and email templates to providing ...

  • Europol: 106 arrested in a sting against online fraudsters

    September 20, 2021

    The Spanish National Police (Policía Nacional), supported by the Italian National Police (Polizia di Stato), Europol and Eurojust, dismantled an organised crime group linked to the Italian Mafia involved in online fraud, money laundering, drug trafficking and property crime. The suspects defrauded hundreds of victims through phishing attacks and other types of online fraud such as ...

  • Attackers Impersonate DoT in Two-Day Phishing Scam

    September 15, 2021

    Threat actors impersonated the U.S. Department of Transportation (USDOT) in a two-day phishing campaign that used a combination of tactics – including creating new domains that mimic federal sites so as to appear to be legitimate – to evade security detections. Between Aug. 16-18, researchers at e-mail security provider INKY detected 41 phishing emails dangling the ...

  • Phishing Eager Travelers

    September 15, 2021

    Threat actors have always been adept at keeping abreast of worldwide trends – ranging from geopolitical to technical – and rapidly exploiting these trends for their benefit. The current pandemic is no exception. Unit 42 has previously reported on how cybercriminals have preyed on consumers during COVID-19 and on the use of COVID-19 themed phishing ...