Kingston Police are alerting the public to scams related to a recent data breach at the popular password manager app LastPass.
According to Kingston Police, LastPass was the victim of a data breach in 2022. Because of this, cybercriminals have access to the names, email addresses, and phone numbers of LastPass’s customers, police said. Since the breach, cybercriminals have reportedly been using LastPass’s data breach in various cyberattacks.
“Recently, cybercriminals launched a phishing attack targeting LastPass users,” police said. “In this scam, cybercriminals send you a spoofed LastPass email with a link asking you to verify your information. If you click the link, you’ll be taken to a spoofed LastPass login page. If you enter your login information, cybercriminals will have access to your sensitive information.”
Kingston Police provided the following tips to help everyone stay safe from similar scams:
- Never click a link in an email that you weren’t expecting.
- Be cautious when entering login information on a website accessed through an email. To stay safe, navigate directly to the organization’s official website.
- Stay educated and watch the news for data breaches. If a service you use is breached, be extra cautious of any emails you get from that organization.
“Stop, look, and think. Don’t be fooled by the scammers,” police said.