We’ve had reports from LogMeIn customers, as well as the general public, that a couple of emails are making the rounds that mimic LogMeIn branding and are designed to look like they are coming from LogMeIn addresses. The MO looks very different — one purports to be a notification that “LogMeIn.com is moving to 1024 bit encryption from 128 bit” and the other is designed to appear as an invoice — and it’s not clear if they are coming from the same malicious source/entity. Both appear to be phishing attempts, and we want to make it clear that these did NOT come from LogMeIn.
As part of our commitment to security, we want to make sure our users and the public are aware of these specific emails, and we wanted to share what we’ve learned, as well as provide an easy way for people to identify the telltale signs of phishing attacks.
The subject lines on the emails are:
Email 1: “LogMeIn.com is moving to 1024 bit encryption from 128 bit – Update”
Email 2: “Your most recent LogMeIn invoice no. 8573984893 is attached for your review.” (please note the invoice number is likely altered per email)
Email 1: Tries to lure you to click on a link to a fake login page. The URL goes to a .su address, NOT logmein.com
Email 2: Tries to get you to open a .zip file attachment.
Both of these are classic red flags in phishing emails.
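The two red flags above can be checked mechanically on a received message. The following is an added example, not LogMeIn code: it flags links whose host is not logmein.com (or a subdomain of it) and any .zip attachment. The sample messages, the placeholder .su URL and the function names are constructed for illustration.

```python
import re
from email.message import EmailMessage
from urllib.parse import urlsplit

TRUSTED_DOMAIN = "logmein.com"  # the only legitimate domain the post names
URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.IGNORECASE)

def host_is_trusted(host: str) -> bool:
    """True only for logmein.com itself or a real subdomain of it."""
    host = host.lower().rstrip(".")
    return host == TRUSTED_DOMAIN or host.endswith("." + TRUSTED_DOMAIN)

def red_flags(msg: EmailMessage) -> list:
    """Report the two signs from the post: off-domain links and .zip attachments."""
    flags = []
    for part in msg.walk():
        if part.is_multipart():
            continue
        name = (part.get_filename() or "").lower()
        if name.endswith(".zip"):
            flags.append(f"zip attachment: {name}")
        elif part.get_content_maintype() == "text":
            charset = part.get_content_charset() or "utf-8"
            body = part.get_payload(decode=True).decode(charset, "replace")
            for url in URL_RE.findall(body):
                try:
                    host = urlsplit(url).hostname or ""
                except ValueError:  # malformed URL: treat as untrusted
                    host = ""
                if not host_is_trusted(host):
                    flags.append(f"link to non-LogMeIn host: {host}")
    return flags

def build_sample(body: str, zip_name=None) -> EmailMessage:
    """Constructed test message; the From header is forgeable and is not checked."""
    msg = EmailMessage()
    msg["From"] = "LogMeIn <noreply@logmein.com>"
    msg["Subject"] = "constructed sample"
    msg.set_content(body)
    if zip_name:
        msg.add_attachment(b"PK\x05\x06" + b"\x00" * 18, maintype="application",
                           subtype="zip", filename=zip_name)
    return msg

if __name__ == "__main__":
    # Constructed placeholder URL: a logmein.com look-alike prefix on a .su host.
    print(red_flags(build_sample("Update: http://logmein.com.placeholder.su/update")))
    print(red_flags(build_sample("Invoice attached.", "invoice_8573984893.zip")))
    print(red_flags(build_sample("Sign in at https://www.logmein.com/")))
```

The host comparison is done on the parsed hostname with a leading-dot suffix match, so a look-alike such as `logmein.com.placeholder.su` or `notlogmein.com` is not treated as trusted.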
What they look like:
Email 1 (image)
Email 1 (text/copy):
Because the security of your online session is most important to us , and to maintain the quality of the services offered on our website we have decided to upgrade the encryption algorithm from 128 bits to 1024 bits , and to encrypt the passwords using the MD5 algorithm.
The MD5 algorithm is undecryptable, so if anyone manages to get passed our security systems, your information will be safe. But in order to apply this new algorithm on our entire system , we require you to login over a secure connection and update the username and password of your every computer using Logmein system.
Please click on the link below to begin the update process :
<hyperlink removed for safety reasons>
After the update is complete you will be redirected to your account , and will be able to use our new encryption system.Even if you won`t notice any differences rest assured that your online session has never been safer.
Email 2 (text/copy)
Your most recent LogMeIn invoice no. 8573984893 is attached for your review.
If you have any questions regarding this invoice, please contact your LogMeIn service team at the number provided on the invoice for assistance.
Please note that your bank account will be debited within one banking business day for the amount(s) shown on the invoice.
Thank you for choosing LogMeIn for your business solutions.
Important: Please do not respond to this message. It comes from an unattended mailbox.
As with all suspicious emails, please don’t click on any links or open/download any attachments in these messages. We’ll update this post if we learn more, but please be sure to delete these messages if you receive them. We also recommend taking a look at our primer on how to protect yourself against phishing attacks.