Latest LastPass Scam: Everything you should know

Understanding and Protecting Yourself from the Latest LastPass Scam

After a sophisticated AI-powered scam targeting LastPass employees with deepfake audio calls impersonating CEO Karim Toubba earlier this month, I think it’s fair to say that cybersecurity threats are becoming more sophisticated, with phishing scams leading the charge. A notable example of such deceptive practices involves another scam targeting users of the password management service, LastPass. This article delves into the mechanics of the latest LastPass scam, its stages, and the necessary steps users should take to protect themselves.

Could you spot a scam if it sounded just like a call from LastPass support? Dive into our latest exploration of a sophisticated phishing scam targeting LastPass users, revealing how seemingly official communications could be a gateway for cybercriminals. Learn how to spot the red flags and protect your sensitive information from falling into the wrong hands.

How does the latest LastPass scam work?

Initial Contact: Automated Phone Call Alert

The LastPass scam begins with an automated phone call to LastPass users. This call falsely alerts the recipient about unauthorized access to their LastPass account from an unknown device. The message prompts the user to press ‘1’ to permit access or ‘2’ to block the alleged unauthorized attempt.

False Security Measures: A Deceptive Choice

Choosing to block access by pressing ‘2’ triggers another automated response, assuring the user that a customer service representative will contact them shortly to resolve the issue. This step is designed to build false trust and anticipation, making the scam appear credible.

Follow-Up Call: Impersonation of LastPass Support

Subsequently, users receive a follow-up call, seemingly from LastPass. The caller, who poses as a LastPass employee, informs the user of an email sent to them, which includes a link to reset their account as a security measure.

Phishing Attempt: The Dangerous Link

The crux of the scam lies in the email. The link provided redirects to a counterfeit LastPass login page, designed to harvest the user’s credentials. Once entered, these credentials can be used by criminals to gain unauthorized access to the user’s account and potentially change the registered email address, phone number, and password.
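For mail administrators, one way to catch the counterfeit-login link described above is to compare the host a link really points to with the brand it claims. The following is an added example, not code from LastPass or from this article; it assumes `lastpass.com` is the only legitimate domain (inferred from the abuse address on this page), and the `.example` hosts in the sample are constructed.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: only lastpass.com and its subdomains are legitimate.
TRUSTED = "lastpass.com"
BRAND = "lastpass"

class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs from an HTML e-mail body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def real_host(url):
    """Host the browser will contact; anything before '@' is only userinfo."""
    return (urlsplit(url).hostname or "").rstrip(".").lower()

def is_trusted(host):
    # Exact match or a true subdomain; "lastpass.com.other.example" fails both.
    return host == TRUSTED or host.endswith("." + TRUSTED)

def suspicious_links(html):
    """Return (href, host) for links that use the brand but leave TRUSTED."""
    parser = LinkCollector()
    parser.feed(html)
    flagged = []
    for href, text in parser.links:
        host = real_host(href)
        uses_brand = BRAND in text.lower() or BRAND in href.lower()
        # A branded link must be HTTPS and resolve to the trusted domain.
        if uses_brand and (urlsplit(href).scheme != "https" or not is_trusted(host)):
            flagged.append((href, host))
    return flagged

# Constructed sample e-mail body; the .example hosts are placeholders.
SAMPLE = """
<a href="https://lastpass.com/">Open LastPass</a>
<a href="https://lastpass.com.reset-portal.example/login">Reset your LastPass account</a>
<a href="https://lastpass.com@reset-portal.example/">https://lastpass.com/reset</a>
<a href="https://account-verify.example/r?id=1">LastPass Support</a>
"""
```

Running `suspicious_links(SAMPLE)` flags the last three links and leaves the genuine one alone.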

Immediate Steps to Take If Targeted:

Hang Up Immediately

If you receive an unexpected call claiming to be from LastPass, hang up immediately. Do not engage or follow any instructions provided during the call.

Report Suspicious Activity

It is crucial to report any dubious emails, calls, or messages related to your LastPass account. Forward suspicious emails as attachments, submit screenshots of questionable text messages, and provide details of suspicious calls to LastPass’s abuse team at abuse@lastpass.com.

Stay Informed and Vigilant

Always remember that legitimate services like LastPass will never ask for your master password through any communication channels such as phone, text, or email. Awareness and knowledge are your best defenses against scams.

TL;DR:

If you get a strange call from LastPass, just hang up. For anything suspicious, shoot an email to abuse@lastpass.com. Remember, LastPass won’t ever ask for your master password over the phone, in a text, or through email.
