Criminals have been found impersonating popular password managers LastPass and Bitwarden online in an attempt to trick users into sharing their login credentials, and thus access to a treasure trove of passwords and other secrets.
LastPass recently issued a warning to its customers, raising awareness of the ongoing phishing campaign.
However the scam also now seems to have spread to other password managers, with Bitwarden customers also apparently being targeted.
Read more…
Source: TechRadar News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Data Breaches: A Chance for Opportunistic Scammers & What You Should Watch for
September 5, 2021
Data breaches are now part of doing business, with many companies having been affected. Data is very valuable to criminals because it is often used to commit fraudulent activities as well as to enhance the credibility of scams. Data that is stolen ranges from Social Security Numbers (SSNs) to other identification documents and payment details. Scammers ...
- Worldwide Phishing Attacks Ramped Up At the Peak of Working From Home
August 25, 2021
With more and more companies choosing to allow for flexible (hybrid/remote) work environments post-pandemic, we investigated the unique cyberthreats employees working from home face. Palo Alto analysis focused primarily on trends in Palo Alto firewall traffic and phishing pages detected by our URL Filtering service from September 2019 to April 2021. We found that in early ...
- Confucius Uses Pegasus Spyware-related Lures to Target Pakistani Military
August 17, 2021
While investigating the Confucius threat actor, we found a recent spear phishing campaign that utilizes Pegasus spyware-related lures to entice victims into opening a malicious document downloading a file stealer. The NSO Group’s spyware spurred a collaborative investigation that found that it was being used to target high-ranking individuals in 11 different countries. In this blog ...
- Cyberattackers Embrace CAPTCHAs to Hide Phishing, Malware
August 13, 2021
Cyberattackers are using Google’s reCAPTCHA (aka the “I am not a robot” function) and fake CAPTCHA-like services to obscure various phishing and other campaigns, according to researchers. There are signs however that those evasion efforts may be losing their efficacy. CAPTCHAs are familiar to most internet users as the challenges that are used to confirm that ...
- Phishing Attacks Often Target Small Businesses – Here’s What to Watch for
July 29, 2021
Scammers target businesses with phishing emails all the time, pretending to be legitimate customers or vendors asking for payment. While any company can be vulnerable to this type of attack, small- to medium-size companies are particularly vulnerable because it is easier for a scammer to do a bit of research online and identify the right ...
- UC San Diego Health discloses data breach after phishing attack
July 27, 2021
UC San Diego Health, the academic health system of the University of California, San Diego, has disclosed a data breach after the compromise of some employees’ email accounts. UC San Diego Health is one of the nation’s best hospitals, being repeatedly ranked as the best health care system in San Diego, according to the 2021-2022 U.S. ...

