Phishing Alert: Fraudulent Message to LastPass Customers Requests Password Update | Information Technology | University of Pittsburgh
!

Phishing Alert: Fraudulent Message to LastPass Customers Requests Password Update

Monday, July 20, 2020 - 15:00

 

Pitt Information Technology is aware of a new email phishing scam that claims to be from a LastPass representative. The message asks the reader to click a button to update their master password. The button actually links to a harmful website that attempts to collect the recipient’s University password.  

Below is a sample of the recent fraudulent email. If you receive a similar message to the one below, please report it by forwarding the email as an attachment to phish@pitt.edu. Detailed instructions on reporting scams are available at our phishing awareness page.

******************************************************************************

From: LastPass representative – do-not-reply-support[@]lastpass.ch or do-not-reply-support[@]lastpasses.net <external email addresses>

Subject: LastPass – Adaptive Protection Alert

 

******************************************************************************

Pitt IT strongly recommends that you do not reply to unsolicited email or messages from unverifiable sources. Avoid clicking on links contained in such emails, as these may lead to sites that contain malicious software. If a link looks suspicious, you can hover over the link with your mouse to preview the URL without clicking on it.

In addition, Pitt IT recommends that all students, faculty, and staff install Antivirus and Anti-Malware (Malwarebytes) Protection. Departments can submit a help request to obtain Malwarebytes for multiple machines.

Please contact the 24/7 IT Help Desk at 412-624-HELP (4357) if you have any questions regarding this announcement.