Subj : Evil scam targets LastPas
To   : All
From : Mike Powell
Date : Tue Oct 28 2025 09:03 am

Evil scam targets LastPass users with fake death certificate claims

Date:
Mon, 27 Oct 2025 18:27:00 +0000

Description:
A fake LastPass email is telling users they died, and that a relative is
taking over their account.

FULL STORY

Scammers are trying to get LastPass user master passwords with a devious
phishing email scheme concerning their deaths.

The password manager has an inheritance feature - so if a person proves the
account owner is deceased, and that they are the closest relative (or
otherwise deemed to be granted access to the account), LastPass can comply
and hand it over.

However in phishing emails, victims are told that someone has uploaded a
death certificate confirming they have passed away, and that unless they act
fast it will grant them access to their Vault (an encrypted password storage
database, essentially).

CryptoChameleon

Acting fast means clicking on a link, and logging into the LastPass account.
However, those that rush to do it will not notice that the website they are
logging in to is not LastPass, but rather - lastpassrecovery[.]com - a
fraudulent landing page propped up only to harvest gullible peoples login
credentials.

The threat actor behind this morbid campaign is called CryptoChameleon - they
are a known hacking collective specializing in crypto theft.

In the past, the group has been seen targeting Binance wallets, Kraken,
Gemini, and other platforms, using fake Okta, Gmail, iCloud, and Outlook
sign-in landing pages, as well as passkeys.

Passkeys are a passwordless method of authentication that uses public-key
cryptography to verify the persons identity without storing or typing a
password. It is generally considered a lot safer than a password, and many of
the worlds biggest tech companies have pushed to replace them entirely.

Obviously, the best way to defend against the attack is to think before you
click, and be skeptical of any email messages demanding urgent action.

Via BleepingComputer

======================================================================
Link to news story:
https://www.techradar.com/pro/security/evil-scam-targets-lastpass-users-with-f
ake-death-certificate-claims

$$
--- SBBSecho 3.28-Linux
* Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)

You are viewing proxied material from cvs.synchro.net. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.