Logmein automailer
- #Logmein automailer update
- #Logmein automailer full
- #Logmein automailer software
- #Logmein automailer password
The Excel file attached to the email – covid_usa_nyt_8072.xls – displays graph taken from the New York Times detailing COVID-19 cases and when opened the user is encouraged to enable content.
#Logmein automailer update
The emails used in this campaign appear to have been sent from the Johns Hopkins Center and claim to provide a daily update on COVID-19 deaths in the United States. NetSupport Remote Administration Tool Used to Take Control of Remote Workers’ LaptopsĪ large-scale phishing campaign has been detected that uses malicious Excel attachments to deliver a legitimate remote access tool that is used by the attackers to take control of a victim’s computer. If the security update is genuine, you will be advised about it when you login. Never use information provided in the email. Always visit the official website by entering the URL into the address bar or use your standard bookmarks.
#Logmein automailer software
Any request sent by email to update security software or take other urgent actions should be treated as suspicious. There has been an increase in phishing attacks spoofing remote working tools in recent weeks such as LogMeIn, Microsoft Teams, Zoom, GoToMeeting, and Google Meet. If clicked, the user will be directed to a convincing spoofed LogMeIn URL where credentials are harvested. The anchor text used in the email masks the true site where the user will be directed. The email threatens subscription of the service will be suspended if the update is not applied. The emails include the LogMeIn logo and claim a new security update has been released to fix a new zero-day vulnerability that affects LogMeIn Central and LogMeIn Pro.Ī link is supplied in the email that appears to direct the recipient to the website and a warning is provided to add urgency to get the user to take immediate action. The emails claim a new update has been released for LogMeIn, with the messages appearing to have been sent by the legitimate LogMeIn Auto-Mailer. Remote workers are being targeted in a phishing campaign that spoofs LogMeIn, a popular cloud-based connectivity service used for remote IT management and collaboration.
#Logmein automailer full
One campaign impersonates LogMeIn and the other exploits the COVID-19 pandemic to deliver a legitimate remote administration tool that allows attackers to take full control of a user’s device. In this particular case, you can be sure that if LogMeIn asks you to update something, the request/reminder will be shown once you access your account, so you’re not losing anything by ignoring the email and the link in it.Two new phishing campaigns have been identified targeting remote workers. If you have to enter login credentials into a web page, make sure you landed on that page by entering the correct URL yourself or by opening a bookmark – and not by following a link in an email. This LogMeIn-themed phishing campaign is a small one, but users should know that the company has seen an “incredible uptick” in collaboration software impersonations in the past month.īe careful when perusing unsolicited email, even if it looks like it’s coming from a legitimate source. A recipient may be more inclined to update because they have a strong desire to secure their communications.” Advice for users
![logmein automailer logmein automailer](https://blog.logmein.com/wp-content/uploads/sites/16/2020/05/phsihing5.21.20-1024x618.jpg)
![logmein automailer logmein automailer](https://blog.logmeininc.com/wp-content/uploads/sites/15/2020/05/phsihing5.21.20-768x464.jpg)
![logmein automailer logmein automailer](https://isc.sans.edu/diaryimages/images/Screen%20Shot%202014-09-22%20at%2011_34_06%20AM.png)
Because of this, frequent updates have become common as many platforms are attempting to remedy the situation. “Other collaboration platforms have been under scrutiny for their security as many have become dependent on them to continue their work given the current pandemic. “The link attack vector was hidden using an anchor text impersonation to make it appear to actually be directing to the LogMeIn domain,” Abnormal Security explained. Not only does the company logo feature prominently in the email body, but the sender’s identity has been spoofed and the phishing link looks, at first glance, like it might be legitimate: The phishing email has been made to look like it’s coming from LogMeIn.
#Logmein automailer password
Additionally, since LogMeIn has SSO with Lastpass as LogMeIn is the parent company, it is possible the attacker may be attempting to obtain access to this user’s password manager,” Abnormal Security noted. “Should recipients fall victim to this attack, their login credentials to their LogMeIn account would be compromised. LogMeIn users are being targeted with fake security update requests, which lead to a spoofed phishing page.