LastPass warns of spoofed alerts aimed at stealing master passwords
LastPass warns of a phishing campaign using fake security alerts about unauthorized access or password changes to steal users’ master passwords. LastPass has warned users about a new phishing campaign using fake security alerts that claim unauthorized access or master password changes. The emails, which spoof LastPass’s display name, attempt to trick recipients into revealing […]
LastPass has warned users about a new phishing campaign using fake security alerts that claim unauthorized access or master password changes. The emails, which spoof LastPass’s display name, attempt to trick recipients into revealing their master password and compromising their accounts.
LastPass TIME team has alerted customers about an active phishing campaign that began around March 1, 2026. The emails, sent from multiple addresses with varying subject lines, are designed to look like forwarded internal messages about unauthorized account access in order to deceive recipients.
Related breach coverage
- Crooks impersonate LastPass in campaign to harvest master passwords2026-01-21
Password manager LastPass warns of an active phishing campaign impersonating the service to steal users’ master passwords. LastPass warned users about an active phishing campaign that began around January 19, 2026. Attackers impersonate the service with emails claiming urgent maintenance and urge users to back up their password vaults within 24 hours. The messages use […]
- LastPass Warns of New Phishing Campaign2026-03-04
The attackers are sending out fake alerts claiming unauthorized access or master password changes. The post LastPass Warns of New Phishing Campaign appeared first on SecurityWeek.
- Threat actor UAC-0255 impersonate CERT-UA to spread AGEWHEEZE malware via phishing2026-04-02
Threat actors impersonated CERT-UA to send phishing emails with AGEWHEEZE malware, tricking victims into installing a fake “security tool.” A threat actor, tracked as UAC-0255, impersonated CERT-UA in a phishing campaign, sending emails to about 1 million users. The messages urged victims to download a password-protected archive from Files.fm and install a fake “specialized software,” […]
- Misconfigured email routing enables internal-spoofed phishing2026-01-07
Attackers exploit misconfigured email routing to spoof internal emails, using PhaaS platforms like Tycoon2FA to steal credentials. Attackers exploit misconfigured email routing and spoof protections to send phishing emails appearing internal, using PhaaS platforms like Tycoon2FA to steal credentials. “Phishing actors are exploiting complex routing scenarios and misconfigured spoof protections to effectively spoof organizations’ domains […]