One of the most popular password managers out there, LastPass, is warning its customers not to fall for the latest scam campaign aimed directly at them.
In a blog post, the company explains that scammers are targeting users through the Chrome Web Store. In the reviews section for the LastPass Chrome add-on, the scammers add new content that directs visitors to fake customer support.
As a result, when users who have problems with the add-on visit the page, they may think that other users are helping them reach customer support directly. In reality, calling the number shared there starts a conversation with the fraudsters, who will try to direct the victims to a malicious website and get them to download malware.
Fake customer support
“Individuals who call this fake support number will be greeted by a person asking which product they are having trouble with and then a series of questions about whether they are trying to access LastPass via a computer or a mobile device and which operating system they use,” LastPass explains.
“They are then redirected to the site dghelp(.)top while the threat actor stays on the line and tries to get the potential victim to engage with the site, thus exposing their data.”
Investigating further, BleepingComputer discovered that the goal of the campaign is to get people to download ConnectWise ScreenConnect, a piece of remote support and access software that gives the attackers full access to the target computer. The publication also revealed that the phone number associated with this campaign was used in other similar campaigns, with crooks posing as Amazon, Adobe, Facebook, YouTube TV and many, many others. In other words, this is a well-organized team that has been posing as big companies and scamming people for a while now.
As usual, the best way to defend against these attacks is to use common sense and double-check every piece of information found online.