One of the most popular password managers, LastPass, is warning its customers not to fall for the latest scam campaign aimed directly at them.
In a blog post, the company explained that scammers are targeting users through the Chrome Web Store. In the reviews section of the LastPass Chrome add-on, scammers add new content that directs visitors to fake customer support.
As a result, when users who are having issues with the add-on visit the page, they may think that other users are helping them contact customer support directly. In fact, dialing the shared number starts a conversation with the scammers, who will attempt to direct victims to a malicious website and get them to download malware.
Fake customer support
“People calling this fake support number will be greeted by a person asking which product they are having issues with, then a series of questions about whether they are trying to access LastPass via computer or mobile device and which operating system they use,” explained LastPass.
“They will then be directed to the dghelp(.)top site while the threat actor remains online and attempts to get the potential victim to interact with the site, thereby exposing their data.”
By investigating further, BleepingComputer discovered that the goal of the campaign was to get people to download ConnectWise ScreenConnect, a remote access and support software that grants attackers full access to the target computer. The post also revealed that the phone number associated with this campaign had been used in other similar campaigns, in which scammers posed as Amazon, Adobe, Facebook, YouTube TV and many others. In other words, this is a well-organized team that has been posing as big companies and scamming people for some time now.
As usual, the best way to defend against these attacks is to use common sense and verify every piece of information found online.