388/67 Monday, November 4, 2024
LastPass has issued a warning to users about an ongoing scam campaign in which malicious actors have posted five-star reviews for the LastPass Chrome extension, attaching a phone number falsely claiming to be customer support. This number directs users experiencing issues to scammers who then advise them to access the site ‘dghelp[.]top’ to download remote control software.
When users call this fake number, they are greeted by an impersonator acting as an “agent” who inquires about their issues. The user is then directed to a website to download a remote access program, which is installed through ScreenConnect and links to a control server based in Ukraine. LastPass strongly emphasizes that users should never share their passwords with anyone.
Researchers have noted that this fake number is also advertised as customer support for other companies, such as Amazon, Adobe, Facebook, Netflix, and Capital One. These numbers have been posted not only in Chrome extension reviews but also on user-generated content sites, such as company forums and Reddit. While some posts have been removed, new ones continually appear. Therefore, LastPass users are advised to remain vigilant and only use official support numbers from LastPass’s website.