

Ethical Hacking News

LastPass Warns of Fake Maintenance Messages Targeting Users' Master Passwords


LastPass has warned its users about a new phishing campaign that is targeting them with fake emails claiming maintenance, urging them to divulge their master passwords.

  • LastPass detected a new phishing campaign impersonating its service.
  • The campaign began on or around January 19, 2026, with emails claiming to be from LastPass.
  • The emails aimed to create a sense of urgency and prompt users into divulging their master passwords.
  • The emails lead to a phishing site that redirects to the domain "mail-lastpass[.]com"; the campaign is believed to be a sophisticated attack.
  • LastPass warned that it will never ask for master passwords or demand immediate action under a tight deadline.



    LastPass has sounded the alarm on a new phishing campaign that's impersonating the popular password management service, with the goal of tricking users into divulging their master passwords. This development comes hot on the heels of an earlier incident involving fake GitHub repositories that distributed malware-laced programs masquerading as legitimate software.

    The phishing campaign in question began on or around January 19, 2026, and involves sending emails claiming to be from LastPass, urging users to create a local backup of their password vaults in order to ensure security. The messages come with several subject lines that aim to create a sense of urgency and prompt the recipient into taking action.

    The subject lines used by the phishing campaign include:

    - LastPass Infrastructure Update: Secure Your Vault Now
    - Your Data, Your Protection: Create a Backup Before Maintenance
    - Don't Miss Out: Backup Your Vault Before Maintenance
    - Important: LastPass Maintenance & Your Vault Security
    - Protect Your Passwords: Backup Your Vault (24-Hour Window)

    These messages are designed to steer unsuspecting users towards a phishing site that redirects to the domain "mail-lastpass[.]com". However, experts have warned that this campaign is not a genuine attempt by LastPass to inform its users about an upcoming maintenance window.

    Instead, it's believed to be a sophisticated phishing attack that aims to create a false sense of urgency and prompt users into divulging their master passwords. According to security professionals, this tactic is commonly employed in phishing attacks as it creates anxiety among the recipient, causing them to act impulsively without fully thinking through the consequences of their actions.

    "This campaign is designed to create a false sense of urgency, which is one of the most common and effective tactics we see in phishing attacks," said a spokesperson for the Threat Intelligence, Mitigation, and Escalation (TIME) team at LastPass. "We want customers and the broader security community to be aware that LastPass will never ask for their master password or demand immediate action under a tight deadline."

    The Threat Intelligence, Mitigation, and Escalation (TIME) team has confirmed that they are working with third-party partners to take down the malicious infrastructure behind this phishing campaign. Additionally, they have shared the email addresses from which the messages originate:

    - support@sr22vegas[.]com
    - support@lastpass[.]server8
    - support@lastpass[.]server7
    - support@lastpass[.]server3
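
    For mail triage, the subject lines, sender addresses and domain listed in this article can be matched against raw messages. The following is an added example, not code from LastPass or from this site; the function names and the sample message are constructed for illustration, and the indicators are refanged only at run time.

```python
import re
from email import message_from_string, policy
from email.utils import parseaddr
from urllib.parse import urlparse

def refang(value):
    return value.replace("[.]", ".").lower()
def norm(text):  # fold case, whitespace and curly apostrophes
    return " ".join(text.replace("\u2019", "'").lower().split())

# Indicators as published in the article, refanged only at run time.
SENDERS = {refang(s) for s in (
    "support@sr22vegas[.]com", "support@lastpass[.]server8",
    "support@lastpass[.]server7", "support@lastpass[.]server3")}
DOMAINS = {refang("mail-lastpass[.]com")}
SUBJECTS = {norm(s) for s in (
    "LastPass Infrastructure Update: Secure Your Vault Now",
    "Your Data, Your Protection: Create a Backup Before Maintenance",
    "Don't Miss Out: Backup Your Vault Before Maintenance",
    "Important: LastPass Maintenance & Your Vault Security",
    "Protect Your Passwords: Backup Your Vault (24-Hour Window)")}

def check_message(raw):
    """Return the campaign indicators found in one raw RFC 5322 message."""
    msg = message_from_string(raw, policy=policy.default)
    hits = []
    sender = parseaddr(str(msg.get("From", "")))[1].lower()
    if sender in SENDERS:
        hits.append("sender:" + sender)
    if norm(str(msg.get("Subject", ""))) in SUBJECTS:
        hits.append("subject")
    for part in msg.walk():
        if part.get_content_maintype() != "text":
            continue
        text = (part.get_payload(decode=True) or b"").decode("utf-8", "replace")
        for url in re.findall(r"https?://[^\s\"'<>]+", text):
            try:
                host = (urlparse(url).hostname or "").lower()
            except ValueError:
                continue
            # Exact host or a subdomain only, so lookalike suffixes do not match.
            if any(host == d or host.endswith("." + d) for d in DOMAINS):
                hits.append("url-host:" + host)
    return hits

# Constructed message for demonstration, not a captured sample.
SAMPLE_PHISH = (f"From: LastPass <{refang('support@lastpass[.]server8')}>\n"
                "Subject: Protect Your Passwords: Backup Your Vault (24-Hour Window)\n\n"
                f"Create your backup: https://{refang('mail-lastpass[.]com')}/backup\n")
```

    Because the phishing site redirects to the listed domain, the link inside a message may point at a different first hop, so a missing URL hit does not clear a message that matches on sender or subject.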

    It's worth noting that LastPass has a history of warning users about phishing attacks targeting its services. In December 2025, the company alerted users to an information-stealing campaign targeting Apple macOS users through fake GitHub repositories that distributed malware-laced programs masquerading as legitimate software.

    The emergence of this latest phishing campaign serves as a timely reminder for LastPass users and the broader security community about the importance of vigilance when it comes to email communications. Users are advised to exercise extreme caution when receiving unsolicited emails, especially those claiming to be from reputable services like LastPass.

    In conclusion, the recent phishing campaign impersonating LastPass has highlighted the ongoing threat landscape in the cybersecurity domain. It's essential for users and organizations alike to remain vigilant and proactive in protecting themselves against these types of threats.



    Related Information:
  • https://www.ethicalhackingnews.com/articles/LastPass-Warns-of-Fake-Maintenance-Messages-Targeting-Users-Master-Passwords-ehn.shtml

  • https://thehackernews.com/2026/01/lastpass-warns-of-fake-maintenance.html

  • https://blog.lastpass.com/posts/new-phishing-campaign-targeting-lastpass-customers

  • https://securereading.com/lastpass-phishing-campaign-master-passwords/


  • Published: Wed Jan 21 03:33:38 2026 by llama3.2 3B Q4_K_M












