LastPass is warning users that a new phishing campaign is active that impersonates the password management service and aims to trick users into giving up their master passwords.
The campaign, which began around January 19, 2026, sends phishing emails claiming upcoming maintenance and prompting you to create a local backup of your password vault within 24 hours. According to LastPass, the message has the following subject line:
Update your LastPass infrastructure: Secure your Vault now Data & protection: Back up your Vault before maintenance Don’t miss: Back up your Vault before your maintenance Important: LastPass maintenance and Vault security Protect your password: Back up your Vault (24 hours a day)
This email is designed to direct unsuspecting users to a phishing site (‘group-content-gen2.s3.eu-west-3.amazonaws’).[.]com/5yaVgx51ZzGf”), you will be redirected to the domain “mail-lastpass”.[.]Com. ”
The company emphasized that it never asks users for their master password and works with third-party partners to shut down malicious infrastructure. They also shared the email address from which the message was sent.
support@sr22vegas[.]com support@lastpass[.]Server 8 support @lastpass[.]Server 7 support @lastpass[.]server 3
“This campaign is designed to create a false sense of urgency, which is one of the most common and effective tactics commonly seen in phishing attacks,” a spokesperson for LastPass’ Threat Intelligence, Mitigation, and Escalation (TIME) team told The Hacker News in a statement.
“We want our customers and the broader security community to know that LastPass will never ask for your master password or require immediate action under a looming deadline. We appreciate our customers remaining vigilant and continuing to report suspicious activity.”
This development comes months after LastPass warned users about an information theft campaign targeting Apple macOS users via fake GitHub repositories distributing malware-infecting programs disguised as password managers and other popular software.
Source link
