PHISHING ALERT: FAKE EMAILS MIMIC LOGMEIN AUDIT NOTIFICATION

Update 12.14.18:

We have received additional reports of similar emails being sent to LogMeIn customers from new malicious domains. We want to make it clear that these did NOT come from LogMeIn and people should NOT click on the links in these emails. Please be sure to delete this message if you receive it.

While we are working with our partners to get these sites taken down, we want you to be aware of the specific phishing email below. As always, if you have clicked a link in this email, we recommend changing your password and enabling two-factor authentication on your account as well as your users’ accounts.

__________________________________________________________________________________________________________________________________

We are getting reports from LogMeIn customers about suspicious emails that are designed to look like they are coming from LogMeIn — they have all the hallmarks of a phishing attempt.

These fake emails are made to look like genuine LogMeIn messages and use the subject line: “LogMeIn Audit Notification – Update”

We want to make it clear that these did NOT come from LogMeIn and people should NOT click on the links in these emails.

While we have worked with our partners and successfully removed these malicious websites, as part of our commitment to security, we still want to make sure our users and the public are aware of this specific email and provide an easy way for people to identify the tell-tale signs of phishing attacks.

Email subject line: LogMeIn Audit Notification – Update
Intended behavior/action: Tries to get you to click a link to enter your LogMeIn login credentials.
Email body text is:

As with all suspicious emails, please read carefully and review the website links in these messages.

Please be sure to delete this message if you receive it. If you have clicked a link in this email, we recommend changing your password and enabling two-factor authentication on your account as well as your users’ accounts.

We also recommend taking a look at our primer on how to protect yourself against phishing attacks and ensure you’re following secure password practices.

         

LogMeIn and WannaCry

LogMeIn has been monitoring the evolving WannaCry situation and taking proactive measures to mitigate the risk associated with this global event. To that end we have:

1) Made a concerted effort to patch all of our machines with the latest available security fixes;
2) Configured our internal computer security and security information and event management (SIEM) tools to monitor for recognizable or known signatures of any WannaCry activity;
3) Alerted our end users within the organization to be ever vigilant; and
4) Been in communication with the vendors of our perimeter and endpoint protection security systems.

In addition, the LogMeIn corporate network is segregated from the production systems network, providing a further layer of protection and defense. As a result, at this time, we believe that our exposure to the WannaCry ransomware is minimal and controlled.