Is it me and my settings?
Twice this week, I guess my friends' FB accounts got hacked because I got a "look at this video" sent to me and when I click it, it takes me to what looks like a FB login. Since LastPass offered to auto-fill, I went ahead without much thought. I quickly realized I got phished and I changed all my passwords. Then it happened again! This time I didn't fall for it, and instead grabbed a screenshot. But why is LastPass offering to fill in Facebook (and oddly Amazon) logins for a clearly non-Facebook (or Amazon) domain?
Could you please click on my profile and private message me the link you are being sent?
Subject: LastPass autofill for phishing scams
I'm sorry to hear that you and your friends have been targeted by phishing scams. It's important to be aware of the risks associated with clicking on links in emails and text messages, even if they come from people you know.
As for why LastPass offered to autofill your Facebook and Amazon logins for a non-Facebook and non-Amazon domain, it's possible that the phishing website was using a technique called domain spoofing. Domain spoofing is a type of phishing attack where the attacker creates a website that looks like a legitimate website, but with a slightly different domain name. For example, the attacker might create a website called "facebook.com.example" instead of "facebook.com".
LastPass uses a variety of factors to determine whether to autofill login credentials for a website, including the domain name. However, if the phishing website is using domain spoofing, LastPass may not be able to tell that it's not a legitimate website.
To protect yourself from phishing scams, it's important to be vigilant and to verify the identity of a website before you enter your login credentials. Here are a few tips:
If you're ever unsure whether a website is legitimate, it's best to err on the side of caution and not enter your login credentials.
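Added example, not part of the thread and not LastPass's code: a sketch of how a credential filler can compare the page's host against the domain a login was saved for, so that "facebook.com.example" is not treated as "facebook.com". The function names, the HTTPS-only rule and the sample URLs are assumptions made for this illustration.

```javascript
// Hypothetical helpers for illustration; the saved domain is assumed to be the
// site's registrable domain (a real implementation would consult the Public Suffix List).

// Return the host the browser will actually connect to, or null if fill is refused.
function pageHost(pageUrl) {
  const u = new URL(pageUrl);                 // standard URL parser: lowercases the host
  if (u.protocol !== "https:") return null;   // assumption: never fill on non-HTTPS pages
  return u.hostname.replace(/\.$/, "");       // drop a trailing root dot
}

// True only when host is the saved domain itself or a subdomain of it.
// The comparison is anchored at the right-hand end, on a label boundary.
function hostMatches(host, savedDomain) {
  const saved = savedDomain.toLowerCase();
  return host === saved || host.endsWith("." + saved);
}

// Shown for contrast: "the saved domain appears somewhere in the URL".
// This is the kind of check that a lookalike host defeats.
function naiveMatches(pageUrl, savedDomain) {
  return pageUrl.toLowerCase().includes(savedDomain.toLowerCase());
}

function shouldOfferFill(pageUrl, savedDomain) {
  let host;
  try {
    host = pageHost(pageUrl);
  } catch {
    return false;                             // unparsable URL: no fill
  }
  return host !== null && hostMatches(host, savedDomain);
}

// Constructed sample URLs (not taken from the thread's screenshot).
const samples = [
  "https://www.facebook.com/login",      // real subdomain
  "https://facebook.com.example/login",  // lookalike from the reply above
  "https://notfacebook.com/login",       // shares only a suffix, no label boundary
  "http://facebook.com/login",           // right host, wrong scheme
];
for (const url of samples) {
  console.log(url, "anchored:", shouldOfferFill(url, "facebook.com"),
              "naive:", naiveMatches(url, "facebook.com"));
}
```

The same comparison is what a reader does by eye when checking the address bar: read the host from the right-hand end, not from the left.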