Executive Summary An ongoing phishing campaign is impersonating LastPass and abusing Amazon S3–hosted URLs as the first redirect hop to a fake LastPass domain, attempting to harvest victims’ master passwords and vault access. The operation—active since Jan 19, 2026 (US holiday weekend)—pushes emails urging recipients to “Create Backup Now” ahead of “scheduled maintenance,” then redirects […]
The post Hackers Turn AWS Buckets into LastPass Phishing Lures to Steal Vault Credentials appeared first on SecPod Blog.