We review vendors based on rigorous testing and research but also take into account your feedback and our affiliate commission with providers. Some providers are owned by our parent company.
Learn more
vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.
Advertising Disclosure

vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.

LastPass Warns of Fake Support Number That Leads to Scam

LastPass Warns of Fake Support Number That Leads to Scam
Anka Markovic Borak Published on 9th November 2024 Writer and Quality Assessor

LastPass has issued a warning regarding scammers promoting a counterfeit support phone number in the reviews of its Chrome extension. These scammers aim to gain access to users’ computers and steal sensitive data.

The scammers are using 5-star reviews to promote a phone number, 805-206-2892, which is not affiliated with LastPass. Users facing any issues are urged by these reviews to call this number and when they do, the scammers impersonate LastPass support and direct them to a fraudulent website, dghelp[.]top. Callers are then asked to download a remote support program after entering a provided code. This software, reported to be a ConnectWise ScreenConnect agent by BleepingComputer, allows the scammers full access to the caller’s computer.

Once the software is downloaded, one scammer keeps the user engaged while another uses ScreenConnect in the background to install additional remote access tools and potentially steal data. The program connects to attacker-controlled servers at molatorimax[.]icu and n9back366[.]stream, previously linked to an IP address in Ukraine before being masked by Cloudflare.

This fake support number is reportedly part of a larger scam campaign targeting multiple companies beyond LastPass, like Amazon, Facebook, and PayPal. Fake support numbers have been posted on various platforms, such as company forums and Reddit, as well as in Chrome extension reviews. Many posts promoting these numbers are removed shortly after they’re published, but new ones appear frequently, making it challenging to contain the spread of the scam.

LastPass users are reminded not to share their master password with anyone, as it will grant access to all their saved passwords and any other sensitive data kept in LastPass vaults.

Android users should also ensure their LastPass app is updated, as LastPass 5.11.0.9519 was found to be vulnerable to a flaw dubbed “AutoSpill”.

About the Author

Anka Markovic-Borak is a writer and quality assessor at vpnMentor, who leverages her expertise to write insightful articles on cybersecurity, driven by her passion for protecting online privacy. She also ensures articles written by others are reaching vpnMentor's high standards.

Please, comment on how to improve this article. Your feedback matters!

Leave a comment

Sorry, links are not allowed in this field!

Name should contain at least 3 letters

The field content should not exceed 80 letters

Sorry, links are not allowed in this field!

Please enter a valid email address