LastPass would like to make our customers aware of a current social engineering campaign leveraging fake reviews on our Chrome Web Store app page. A threat actor appears to be submitting reviews that direct customers to a fake support phone number controlled by the threat actor. Examples of these Google Chrome Web Store app page posts and the phone number can be found below.
Individuals calling this fake support number will be greeted by an individual who asks which product they are having issues with, followed by a series of questions about whether they are attempting to access LastPass via a computer or a mobile device and what operating system they are using. They will then be directed to the site dghelp[.]top while the threat actor remains on the line and attempts to get the potential victim to engage with the site, exposing their data.
We are working to disrupt this campaign by having the reviews removed and getting the phishing website taken down. At this time, we are only aware of these types of fake posts on the Google Chrome Web Store app page. Please be aware that these reviews are fake and, while the usernames associated with the reviews may change, the text has been consistent for every review to date.
Please remember that no one at LastPass will ever ask for your master password. If you need customer support, please go directly to our website, https://www.lastpass.com. As always, please take the appropriate precautions, and if you have any questions about whether an email or phone number is legitimate, please submit it to abuse@lastpass.com.