Following the previous incidents, now several LastPass employees have suffered a phishing attack whereby malicious actors send WhatsApp voice messages and missed calls from, supposedly, its CEO, Karim Toubba.
Globally, one 25% of the population falls for phishing scams on phone calls (Vishing). Fortunately, this statistic is broken in the LastPass offices. No employee has ever fallen into this situation. The victims received a WhatsApp message with an audio note and numerous text messages.
This message, By being outside of the usual communication channels, quickly made employees suspicious, Ignoring Messages. One of the company's analysts, Mike Kosak, He points out that the attack has had no impact, But they have reported what happened to warn other companies of the modus operandi of this attack.
The U.S. Department of Health and Human Services (HSS) reported last week on the increase in attacks “Deep Fake” involving scams similar to the one we are talking about today. Among other measures, They advise you to always check the requested information and monitor for suspicious requests.
Fountain: Bleeping Computer