LastPass has issued a fake email alert over the weekend about fraudulent emails requesting master password updates.
If you get such an email, do not click any links in the email. You can always go directly to lastpass.com, or use the LastPass app in your browser to go to your settings.
Also, if your master password needed to be changed, the app would tell you, not an email.
-Daniel
The fake email alert from the web page referenced below:
PHISHING ALERT | FRAUDULENT EMAILS REQUESTING MASTER PASSWORD UPDATE
As part of our commitment to security, we want to make sure our users and the public are aware of these fake email alerts being sent to LastPass customers.
Reports indicate that a third-party, bad actor, attempting to impersonate a LastPass representative, using the email address(es) “do-not-reply-support[@]lastpass.ch” or “do-not-reply-support[@]lastpasses.net” with the subject line “LastPass – Adaptive Protection Alert” (example below) is attempting to lure customers to click a malicious link in order to update their master password.
Please take note this is NOT a LastPass/LogMeIn email and did NOT come from someone at LastPass.
If you’d like cybersecurity help, please send us an email