
LastPass is warning users about a renewed phishing campaign impersonating the official LastPass service. The campaign aims to steal users’ master passwords with fake emails that announce upcoming system maintenance and urge recipients to back up their password vaults within 24 hours.
These phishing emails use convincing subject lines such as “LastPass Infrastructure Update” and “Backup Your Vault Before Maintenance.” Victims are redirected to fraudulent websites designed to closely mimic the LastPass interface, where they are prompted to enter their account credentials.
LastPass emphasized that it never asks users for their master passwords via email or links. The company is working with third-party partners to take down the malicious infrastructure and continues to monitor follow-up attack waves observed through January 22, 2026, with phishing domains frequently changing.
So far, LastPass says there is no evidence of user accounts being compromised. However, users are strongly advised to verify sender addresses, avoid clicking suspicious links, and access LastPass only through its official website.
As LastPass phishing attacks continue to increase, user vigilance remains the most effective way to protect accounts and sensitive password data.
