New Password Hack Attack Chrome, Facebook, Netflix, PayPal Users At Risk

New Warning: Password Hack Attack on Chrome, Facebook, Netflix, and PayPal Users

In the world of passwords, LastPass is one of the leading companies in secure password management, making any warning from them worth paying attention to. Recently, the company issued an alert about a massive hacking campaign targeting internet users by exploiting fake reviews on the Chrome Web Store. Victims are being directed to a fake support center, encouraging them to enter their credentials.

Password Hackers Use Fake Chrome Web Store Reviews to Build Trust

On October 30, LastPass issued a warning to users of its Chrome extension, alerting them to a new password-hacking campaign. The hackers have been creating a large number of fake reviews on the LastPass Chrome Web Store page to build a sense of trust, attracting users to contact a fake support center.

When users call the listed number, the hackers take advantage of their need for assistance, asking questions about the product they are facing issues with. Ultimately, the users are directed to a site designed to steal their credentials and passwords.

A New Tactic in Password-Harvesting Campaigns

The fake support centers scheme is not new, but it has become increasingly popular among cybercriminals who use it to trick victims into revealing their information. Recently, hackers have even started using advanced techniques like deepfake AI in fake support scams targeting Gmail accounts. However, in this campaign, the twist is that users are initiating the call to the fake center, which adds an extra layer of credibility.

The Password Hacking Campaign Extends Beyond LastPass Users to Major Brands

Investigations by Bleeping Computer revealed that this hacking campaign is targeting users of many popular online services, including Amazon, Facebook, Netflix, PayPal, YouTube TV, Verizon, and more. Fake support numbers are being widely promoted on forums and social media, making it easier for hackers to reach users.

Although site administrators are working to remove these fake support messages, they keep reappearing. Users are therefore advised to be cautious when seeking support. Always verify any support contact through the official website of the service you’re using and avoid calling unverified numbers.

Tips for Protecting Your Data

• Check the Official Website: When in need of support, go directly to the company’s official website and follow the guidelines provided there.
• Never Share Full Passwords: Avoid giving out your complete password to any support agent, whether over the phone or online.
• Verify the Support Center's Credibility: If you come across unverified support numbers, avoid using them and report them, especially if you notice suspicious comments or reviews.

By following these steps, can avoid falling into hackers' traps and keep your information secure.