I, along with many, many others, was affected by several of LastPass’s data breaches. So, earlier this year, I shifted over to another product.
So, when I saw this in my email the other day, my suspicions were raised.
Besides no longer being a LastPass customer, the sender’s email was a huge red-flag.
Ah, there’s a link! I always recommend people do in these circumstances is hover over links in email. In the lower left-hand corner, you can see the actual link. *Note, this is not a a LastPass site.
I’m quite confident that these hackers got my information from the dark web, but found that I’ve changed all my passwords, as well as shifted away from LastPass. It’s a rather convincing email phishing for information.
So, I wanted to share this for a few reasons. Mainly, for my fellow LastPass breachees, watch for these sorts of scams. Hackers can use information in multiple ways, not just with accessing your sites with stolen credentials. Also, there are some good tools to use in any suspicious email. My main advice: never click on a link unless you’re 100% certain it’s valid. Reach out to the send via phone/text if you’re in doubt.
Anyway, be wary my friends. If you’ve ever been part of a data breach (is there anyone who hasn’t?), expect that the information collected will be used against you.
