LastPass would like to alert our customers to a current phishing campaign that began yesterday, December 3rd. The phishing emails are coming from the email address “yoji-okugawa1975=ezweb.ne.jp@mail266.bms6.bmsend[.]com” with the subject line “LastPass: Required action needed regarding your account.” The image below displays the body of the email; the “Confirm my information” button takes victims to a phishing site hosted at https://tg8.benchurl[.]com/c/l?u=1071FD17&e=1749AFB&c=5337E&t=0&l=30887679&email=IgahgQuZECVvMJZ7zP*2BHnA*3D*3D&seq=1__;JSUl!!H7RnL4W2Xg!phO32-NYDtEkopBBNNoJNsE-w67mYdwSBv0pGxBtT6sxzPTbQjLa8Kpr0B4CsCnRSwYwrc9YQniJSQ$ which redirects to https://customer-lastpass[.]ru/?ac=1&lpnorefresh=1. Please remember that no one at LastPass will ever ask for your master password. Rest assured, we are working to have this domain taken down as soon as possible. Please take the appropriate precautions and, as always, if you have any question about whether an email is legitimate, please submit it to abuse@lastpass.com.
Below are further technical details on this campaign to assist in threat hunting.
Actual phishing sites: https://tg8.benchurl[.]com/c/l?u=1071FD17&e=1749AFB&c=5337E&t=0&l=30887679&email=IgahgQuZECVvMJZ7zP*2BHnA*3D*3D&seq=1__;JSUl!!H7RnL4W2Xg!phO32-NYDtEkopBBNNoJNsE-w67mYdwSBv0pGxBtT6sxzPTbQjLa8Kpr0B4CsCnRSwYwrc9YQniJSQ$
Redirecting to:
https://customer-lastpass[.]ru/?ac=1&lpnorefresh=1
Header information:
From: LastPass <LastPass <yoji-okugawa1975=ezweb.ne.jp@mail266.bms6.bmsend[.]com>>
Source IP: 207.8.97[.]14
Subject: LastPass: Required action needed regarding your account
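
For threat hunting with the details above, the following Python checks a raw RFC 5322 message against the sender domain, source IP, subject and URL hosts listed on this page. It is an added example, not LastPass tooling; the function names and the two sample messages are constructed for illustration, and the indicators stay defanged in the source and are refanged only in memory.

```python
import re
from email import message_from_string

# Indicators copied from this advisory, stored defanged and refanged only in memory.
IOC_HOSTS = ["tg8.benchurl[.]com", "customer-lastpass[.]ru"]
IOC_SENDER_DOMAIN = "mail266.bms6.bmsend[.]com"
IOC_SOURCE_IP = "207.8.97[.]14"
IOC_SUBJECT = "LastPass: Required action needed regarding your account"

def refang(value):
    return value.replace("[.]", ".").lower()

def body_text(msg):
    """Join all leaf MIME parts; URLs are ASCII, so lossy UTF-8 decoding is enough."""
    return "\n".join((p.get_payload(decode=True) or b"").decode("utf-8", "replace")
                     for p in msg.walk() if not p.is_multipart())

def hunt(raw_message):
    """Return the sorted names of the advisory indicators found in one raw message."""
    msg = message_from_string(raw_message)
    hits = set()
    # Regex instead of parseaddr: the advisory's From header has nested angle brackets.
    from_domains = re.findall(r"@([a-z0-9.-]+)", msg.get("From", "").lower())
    if refang(IOC_SENDER_DOMAIN) in from_domains:
        hits.add("sender_domain")
    if msg.get("Subject", "").strip().lower() == IOC_SUBJECT.lower():
        hits.add("subject")
    # Only Received lines stamped by your own MTA are trustworthy; earlier ones can be forged.
    received = " ".join(msg.get_all("Received", []))
    if refang(IOC_SOURCE_IP) in re.findall(r"\b(?:\d{1,3}\.){3}\d{1,3}\b", received):
        hits.add("source_ip")
    for host in re.findall(r"https?://([a-z0-9.-]+)", body_text(msg).lower()):
        # Exact host or true subdomain only, so look-alike suffixes do not match.
        if any(host == refang(h) or host.endswith("." + refang(h)) for h in IOC_HOSTS):
            hits.add("url_host")
    return sorted(hits)

# Constructed sample messages (not real mail); local parts and paths are placeholders.
PHISH = (f"From: LastPass <LastPass <user@{refang(IOC_SENDER_DOMAIN)}>>\n"
         f"Received: from relay.example ({refang(IOC_SOURCE_IP)}) by mx.example.test\n"
         f"Subject: {IOC_SUBJECT}\n\n"
         f"Confirm my information: https://{refang(IOC_HOSTS[0])}/c/l?u=PLACEHOLDER\n")
BENIGN = ("From: Alerts <alerts@example.test>\n"
          "Received: from relay.example (192.0.2.10) by mx.example.test\n"
          "Subject: Weekly report\n\n"
          "See https://customer-lastpass.ru.example.test/report\n")

if __name__ == "__main__":
    print(hunt(PHISH), hunt(BENIGN))
```

A subject-only hit is weak evidence on its own; treat the sender domain, source IP and URL host matches as the stronger signals.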