How can you best avoid these types of scams? Ken Liao, vice president of Cybersecurity Strategy at Abnormal, offers a concise recommendation.
And since LogMeIn uses a single sign-on with LastPass, the attackers may be trying to gain access to the user’s password manager, potentially opening the door to all of the person’s stored passwords. Of course, any credentials entered at the phony login page are captured by the criminals behind this attack. The page also contains branding for password manager LastPass, which is the parent company for LogMeIn. Clicking on the link brings the recipient to a fake login page that appears similar to the actual LogMeIn page.
A stern warning asserts that if the update is not applied, then the user’s account will have to be suspended for security reasons. To apply this alleged security update, the user is told to click on a link in the email. As such, this campaign is also taking advantage of the security concerns raised about these remote access platforms. In this particular attack, the phishing email claims to be from LogMeIn with a notice informing the recipient of a fix to a zero day vulnerability found in LogMeIn Central and LogMeIn Pro. Spotting this new phishing attack for first time in May, Abnormal Security noted that the recent impersonations of LogMeIn and other remote collaboration tools such as Zoom are likely due to the shift in remote work. SEE: Fighting social media phishing attacks: 10 tips (free PDF) (TechRepublic) In a blog post published Tuesday, security provider Abnormal Security explains how this campaign works.
As more people work from home due to the coronavirus, a new phishing campaign is impersonating the remote access tool LogMeIn to obtain the account credentials of unsuspecting victims. Such campaigns often strive to reference items in the news to catch the attention of those concerned about current events. Phishing campaigns try to trick people by spoofing well-known companies, brands, and products.
How to secure your email via encryption, password management and more (TechRepublic Premium) In security, there is no average behavior
85% of Android users are concerned about privacyĪlmost 2,000 data breaches reported for the first half of 2022