Back to Blog

Email phishing scam impersonates LogMeIn to trick remote workers

May 22, 2020

By: mirabiliscorp


Add LogMeIn to the list of remote services and collaboration platforms whose users are being targeted by phishing scammers seeking to take advantage of businesses’ current work-from-home policies under COVID-19.

In a company blog postAbnormal Security researchers reported witnessing an influx of campaigns targeting LogMeIn — provider of cloud-based remote connectivity services for collaboration, IT management and customer engagement — after not seeing any such similar activity prior to May.

And because LogMeIn provides single sign-on capabilities with LastPass, victims who fall for this ruse may find that their access to the password manager is endangered as well.

The phishing emails appear to come from LogMeIn, alerting the recipient of a patch to a zero-day vulnerability affecting the company’s products. This bug, of course, does not really exist. Recipients are asked to click on a link that looks like a LogMeIn URL, but actually leads to a convincing-looking phishing page.

“Other collaboration platforms have been under scrutiny for their security as many have become dependent on them to continue their work given the current pandemic,” Abnormal Security explains. “Because of this, frequent updates have become common as many platforms are attempting to remedy the situation. A recipient may be more inclined to update because they have a strong desire to secure their communications.”

Source: SC Media

Contact us

Safety is essential to your decision making. We are sure that our team can clarify any doubts. After all, we understand security.

contact@sikur.com

Follow us

Try SIKUR





Contact Us
First Name*
Last Name*
E-mail*
Mobile Number*
Company*
Country*
Tell us what do you need* ?
Products: Hold CTRL+Click to add more than 1.* ?
Comments
I agree to the Privacy Policy and Terms of Service.