Watch Out, This LastPass Email With “Important Information About Your Account” is a Phish

LastPass users who were affected by the data breach last year are now being targeted by highly convincing phishing emails. Hackers who stole password vaults are now attempting to trick users into revealing their passwords by sending emails that appear legitimate. The phishing emails ask users to verify their personal data or risk losing access to certain features on their LastPass accounts. While the email may look convincing, there are red flags that can help users identify it as a scam, such as demands for personal information and a sense of urgency. The phishing site that the email redirects to is almost identical to the real LastPass site, making it harder to detect. Users are advised to block known bad websites, be cautious of emails that require urgent attention, report phishing attempts, change passwords if they have fallen for a phishing attempt, use password managers, and opt for FIDO2 2FA devices for added security.