One of nan astir celebrated password managers retired there, LastPass, is informing its customers not to autumn for nan latest scam run aimed straight astatine them.
In a blog post, nan institution explained scammers are targeting users via nan Chrome Web Store. In nan reviews conception for LastPass’ Chrome add-on, nan scammers are adding caller contented that directs nan visitors to clone customer support.
Therefore, erstwhile victims who are having issues pinch nan add-on sojourn nan page, they mightiness deliberation that different users are helping them scope customer support directly. In reality, dialing nan number shared location starts a speech pinch nan fraudsters, who will effort to navigate nan victims to a malicious website, and download malware.
Fake customer support
"Individuals calling this clone support number will beryllium greeted by an individual asking what merchandise they are having issues pinch and past a bid of questions regarding whether they are attempting to entree LastPass via a machine aliases a mobile instrumentality and what operating system they are using," explained LastPass.
"They will past beryllium directed to nan tract dghelp[.]top while nan threat character remains connected nan statement and attempts to get nan imaginable unfortunate to prosecute pinch nan site, exposing their data."
Investigating further, BleepingComputer found nan campaign’s extremity is to get group to download ConnectWise ScreenConnect, a portion of distant support and entree package that grants nan attackers afloat entree to nan target computer. The publication besides recovered that nan telephone number associated pinch this run was utilized successful different akin campaigns, wherever crooks impersonated Amazon, Adobe, Facebook, YouTube TV, and many, galore others. In different words, this is simply a well-organized squad that has been impersonating awesome corporations and defrauding group for a while now.
As usual, nan champion measurement to take sides against these attacks is to usage communal consciousness and double-check each portion of accusation recovered online.
More from TechRadar Pro
- Data breached astatine LA Housing Authority aft ransomware attack
- Here's a database of nan best firewalls today
- These are nan best endpoint protection tools correct now