New Phishing Campaign Impersonates LogMeIn For Credential Theft
LogMeIn just got added to the list of remote access and collaboration platforms to be targeted by phishing campaigns.
What is happening
Researchers have observed an upsurge in scams targeting LogMeIn. LogMeIn is a provider of cloud-based remote connectivity services for IT management, collaboration, and customer engagement. LogMeIn provides single sign-on capabilities with LastPass, which means that victims who get duped may lose access to their password manager as well.
Incidents impacting remote working tools
- Slack suffered a data breach where hackers stole user names, email addresses, Skype IDs, phone numbers, and passwords.
- This year April, 500,000 Zoom accounts were sold on the dark web, while Zoombombing continued.
What the experts are saying
- Organizations are increasingly adopting popular online collaboration tools such as Zoom, Slack, and Microsoft Teams. This has made it extremely easy for malicious actors to choose their targets.
- It is concerning that cyberattackers are capable of taking maximum advantage of APIs to gain access to an organization’s data through their collaboration tools.
- “Most of these apps have third-party integrations to just about every other enterprise app for this purpose. The challenge becomes how secure are the integrations, what data is shared between them and what risk is introduced into your platform?”, said Steve Tcherchian, Chief Product Officer and CISO at Xypro.
- It is expected that attacks in the near future will incorporate AI and ML to attack collaboration tools.
- Third parties may try to fraudulently trick employees, organizations, or users into sharing their sensitive information.
There has been an uptick in the usage of collaboration software since the onset of the global pandemic. Most of these platforms are connected with other logins, such as Office 365 and G Suite, which can be leveraged by threat actors to gain to access to business or personal accounts.