Security News > 2020 > May > Beware of phishing emails urging for a LogMeIn security update
LogMeIn users are being targeted with fake security update requests, which lead to a spoofed phishing page.
"Should recipients fall victim to this attack, their login credentials to their LogMeIn account would be compromised. Additionally, since LogMeIn has SSO with Lastpass as LogMeIn is the parent company, it is possible the attacker may be attempting to obtain access to this user's password manager," Abnormal Security noted.
The phishing email has been made to look like it's coming from LogMeIn.
"The link attack vector was hidden using an anchor text impersonation to make it appear to actually be directing to the LogMeIn domain," Abnormal Security explained.
In this particular case, you can be sure that if LogMeIn asks you to update something, the request/reminder will be shown once you access your account, so you're not losing anything by ignoring the email and the link in it.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/cx9j9CgeQEM/
Related news
- Beware of phishing emails delivering backdoored Linux VMs! (source)
- New Phishing Tool GoIssue Targets GitHub Developers in Bulk Email Campaigns (source)
- Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails (source)
- Phishing emails increasingly use SVG attachments to evade detection (source)
- Novel phishing campaign uses corrupted Word documents to evade security (source)
- Phishers send corrupted documents to bypass email security (source)
- CERT-UA Warns of Phishing Attacks Targeting Ukraine’s Defense and Security Force (source)
- European companies hit with effective DocuSign-themed phishing emails (source)