"Beware of Phishing Emails Urging For a LogMeIn Security Update"

Researchers from Abnormal Security have discovered a new phishing campaign targeting LogMeIn users.  The phishing email has been made to look like it is coming from LogMeIn and pertains to a security update.  The company logo is featured prominently in the mail body, the sender's identity has been spoofed, and the phishing link looks like it might be legitimate.  However, when a user clicks on the link, it takes them to a spoofed phishing page.  If the user enters their login credentials, their login information will be sent directly to the adversary.  Since LogMeIn has SSO with Lastpass as LogMeIn is the parent company, the attackers may be attempting to obtain access to the user's password manager. 

Help Net Security reports: "Beware of Phishing Emails Urging For a LogMeIn Security Update"

Submitted by Anonymous on