LastPass users targeted in phishing attacks good enough to trick even the savvy

⁨23⁩ ⁨likes⁩

Submitted ⁨⁨10⁩ ⁨months⁩ ago⁩ by ⁨leo@lemmy.linuxuserspace.show⁩ to ⁨news@lemmy.linuxuserspace.show⁩

https://arstechnica.com/?p=2018339

Comments

Sort:hotnew top

natural_motions@lemmynsfw.com ⁨10⁩ ⁨months⁩ ago
[deleted]
source
- corvi@lemm.ee ⁨10⁩ ⁨months⁩ ago
  The problem is that type of phishing is pretty much unheard of these days. You’re so much more likely to run into a fake Microsoft SSO page. I see these every day at work, and if you’re not checking the URL, it’s often identical.
  
  So, the actual highest commandments are use MFA, read urls, and double check email senders.
  
  source
  - Rob@lemmy.world ⁨10⁩ ⁨months⁩ ago
    Use pass keys (where possible); that mitigates the issues you describe
    
    source
RecallMadness@lemmy.nz ⁨10⁩ ⁨months⁩ ago

good enough to trick even the savvy

But not savvy enough to be still using last pass.

source
- leo@lemmy.linuxuserspace.show ⁨10⁩ ⁨months⁩ ago
  Ya know, that exact thought was in the back of my mind…
  
  source