How to avoid the latest LastPass Phishing Attack

January 16, 2016 – 1:24 PM

Sean Cassidy discovered recently that the popular password manager LastPass is vulnerable to a  phishing attack that takes advantage of the way messages are displayed to users of the service.

The method that he describes on his blog works in Google Chrome, and to a degree in Firefox as well.

The main difference between the two browsers is that fake messages displayed to Chrome users on attack sites look identical to the message the LastPass extension would display to them, while that’s not the case if Firefox is being used.


You must be logged in to post a comment.