{"id":219866,"date":"2026-03-04T10:07:00","date_gmt":"2026-03-04T15:07:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/03\/04\/lastpass-warns-of-spoofed-alerts-aimed-at-stealing-master-passwords\/"},"modified":"2026-03-04T14:10:20","modified_gmt":"2026-03-04T19:10:20","slug":"lastpass-warns-of-spoofed-alerts-aimed-at-stealing-master-passwords","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/03\/04\/lastpass-warns-of-spoofed-alerts-aimed-at-stealing-master-passwords\/","title":{"rendered":"LastPass warns of spoofed alerts aimed at stealing master passwords"},"content":{"rendered":"

LastPass warns of spoofed alerts aimed at stealing master passwords<\/a><\/p>\n

https:\/\/securityaffairs.com\/188911\/security\/lastpass-warns-of-spoofed-alerts-aimed-at-stealing-master-passwords.html?amp<\/a><\/p>\n

Publish Date: 2026-03-04 10:07:00<\/a><\/p>\n

Source Domain: securityaffairs.com<\/a><\/p>\n

LastPass warns of spoofed alerts aimed at stealing master passwords<\/h2>\n<\/p>\n

\t\t\t\t\t\t\t Pierluigi Paganini<\/span>
\n\t\t\t\t\t\t\t\"\"\/ March 04, 2026<\/span><\/p>\n

\t\t\t\t\t\t\"\"\/<\/p>\n

LastPass warns of a phishing campaign using fake security alerts about unauthorized access or password changes to steal users\u2019 master passwords.<\/h2>\n

LastPass has warned users about a new phishing campaign using fake security alerts that claim unauthorized access or master password changes. The emails, which spoof LastPass\u2019s display name, attempt to trick recipients into revealing their master password and compromising their accounts.<\/p>\n

LastPass TIME team has alerted customers about an active phishing campaign that began around March 1, 2026. The emails, sent from multiple addresses with varying subject lines, are designed to look like forwarded internal messages about unauthorized account access in order to deceive recipients.<\/p>\n

LastPass warned that attackers are forwarding fake email threads to make it seem someone is trying to export a vault, recover an account, or register a new device. <\/p>\n

\"\"<\/p>\n

Using display name spoofing, they impersonate LastPass while hiding unrelated sender addresses. The emails urge users to click links that lead to a fake SSO page at verify-lastpass[.]com to steal credentials.<\/p>\n

\u201cThe attacker relies on the fact that many email clients (especially mobile) show only the display name, hiding the real sender address unless you expand it.\u201d reads the alert published by LastPass. \u201cThe emails instruct targets to take some type of action (i.e., report suspicious activity, disconnect and lock vault, revoke device, etc.) if something looks off via provided links; these links then direct targets to fake SSO login pages via https[:]\/\/verify-lastpass[.]com as the primary URL to collect users\u2019 credentials (see below).\u201d<\/p>\n

\"\"<\/p>\n

LastPass reminds users it will never ask for their master password and is working with partners to take down the phishing sites. Customers are…<\/p>\n

Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

LastPass warns of spoofed alerts aimed at stealing master passwords https:\/\/securityaffairs.com\/188911\/security\/lastpass-warns-of-spoofed-alerts-aimed-at-stealing-master-passwords.html?amp Publish Date: 2026-03-04 10:07:00…<\/p>\n","protected":false},"author":1,"featured_media":219867,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/securityaffairs.com\/wp-content\/uploads\/2026\/03\/image-17.png","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[25],"class_list":["post-219866","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-phishing"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/219866"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=219866"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/219866\/revisions"}],"predecessor-version":[{"id":219868,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/219866\/revisions\/219868"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/219867"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=219866"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=219866"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=219866"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}