LastPass warns of fake support centers trying to steal customer data

Nov 7, 2024

LastPass is warning about an ongoing campaign where scammers are writing reviews for its Chrome extension to promote a fake customer support phone number. However, this phone number is part of a much larger campaign to trick callers into giving scammers remote access to their computers.

Threat actors are attempting to target the company’s user base by leaving 5-star reviews with a fake LastPass customer support number. These reviews urge users facing any problems with the app to contact the LastPass online customer service at 805-206-2892, NOTE: This phone number is not associated with LastPass.

Individuals calling this fake support number will be greeted by an individual asking what product they are having issues with and then a series of questions regarding whether they are attempting to access LastPass via a computer or a mobile device and what operating system they are using. They will then be directed to the fake website while the threat actor remains on the line and attempts to get the potential victim to engage with the site.

When users engage with this fake site and enter the code provided by the threat actor, it will automatically download and install a ScreenConnect agent which will give the scammers full access to the person’s computer. From there, one threat actor can keep the caller engaged with questions and at the same time, another scammer uses ScreenConnect in the background to install other programs for unattended remote access or to steal data from the computer.

LastPass says they are working to disrupt this campaign by having the reviews removed and getting the phishing website taken down. Please be aware these reviews are fake and while the usernames associated with the reviews may change, the text has been consistent for every review to date.

Please remember that no one at LastPass will ever ask for your master password. If you need customer support, please go directly to our website, https://www.lastpass.com.

BleepingComputer reports that the phone number associated with the fake LastPass support center is linked to a much larger campaign. The phone number, 805-206-2892, was also found promoted as a support number for numerous other companies, including Amazon, Adobe, Facebook, Hulu, YouTube TV, Peacock TV, Verizon, Netflix, Roku, PayPal, Squarespace, Grammarly, iCloud, Ticketmaster, and Capital One.

Direct from LastPass:
https://blog.lastpass.com/posts/fake-web-store-reviews-attempting-to-steal-customer-data

Bleeping Computer:
https://www.bleepingcomputer.com/news/security/lastpass-warns-of-fake-support-centers-trying-to-steal-customer-data/

Listen HERE

 

David Snell, Rob Hakala and Beth Foster at 95.9 WATD

David Snell joins Rob Hakala and Beth Foster of the South Shore’s Morning News on 95.9 WATD fm every Tuesday at 8:11
https://www.959watd.com