LogMeIn ‘Security Update’ Email Scam: Don’t Fall For It!

Photo of author

Written by: Stelian Pilici

Published on:

Scams have become increasingly prevalent in the digital age, with cybercriminals constantly devising new methods to deceive unsuspecting individuals. One such scam that has gained traction in recent years is the fake LogMeIn ‘Security Update’ email scam. This article aims to provide a comprehensive overview of this scam, including what it is, how it works, what to do if you have fallen victim, technical details, and relevant statistics.

Scams

What is the Fake LogMeIn ‘Security Update’ Email Scam?

The fake LogMeIn ‘Security Update’ email scam is a phishing attempt that targets users of the popular remote desktop software, LogMeIn. LogMeIn is a legitimate tool that allows users to access their computers remotely, making it convenient for individuals and businesses alike. Cybercriminals exploit the trust associated with LogMeIn by sending fraudulent emails disguised as security updates.

The emails appear to be sent from LogMeIn and often contain official logos and branding, making them appear legitimate at first glance. The scammers use social engineering techniques to trick recipients into believing that their LogMeIn account is at risk and immediate action is required to secure it.

How Does the Scam Work?

The fake LogMeIn ‘Security Update’ email scam typically follows a similar pattern:

  1. The scammer sends an email to the victim, posing as LogMeIn, claiming that a security update is required to protect their account.
  2. The email contains a link that directs the victim to a fake LogMeIn website, designed to mimic the official site.
  3. Once on the fake website, the victim is prompted to enter their LogMeIn username and password.
  4. Unbeknownst to the victim, their login credentials are captured by the scammers.
  5. The scammers can then use the stolen credentials to gain unauthorized access to the victim’s LogMeIn account, potentially compromising sensitive information or using the account for malicious purposes.

It is important to note that LogMeIn is not directly involved in this scam. The scammers are simply leveraging the popularity and trust associated with the LogMeIn brand to deceive their victims.

What to Do If You Have Fallen Victim?

If you have fallen victim to the fake LogMeIn ‘Security Update’ email scam, it is crucial to take immediate action to minimize the potential damage:

  1. Change your LogMeIn password: Access your LogMeIn account through the official website and change your password immediately. Choose a strong, unique password that is not used for any other accounts.
  2. Enable two-factor authentication (2FA): Two-factor authentication adds an extra layer of security to your account by requiring a second form of verification, such as a code sent to your mobile device, in addition to your password.
  3. Scan your device for malware: It is possible that the scammers may have installed malware on your device to capture your login credentials. Run a scan with a reputable antivirus software, such as Malwarebytes Free, to detect and remove any potential threats.
  4. Monitor your accounts: Keep a close eye on your financial accounts, email, and other online services for any suspicious activity. If you notice any unauthorized transactions or changes, report them immediately to the respective service providers.
  5. Report the scam: Inform LogMeIn about the scam by forwarding the fraudulent email to their official support or security team. This helps them track and take action against the scammers.

Technical Details of the Scam

The fake LogMeIn ‘Security Update’ email scam relies on various technical tactics to deceive its victims:

  • Email spoofing: The scammers manipulate the email headers to make it appear as if the email is sent from a legitimate LogMeIn address. This technique is known as email spoofing and is commonly used in phishing attacks.
  • Phishing websites: The scammers create fake websites that closely resemble the official LogMeIn site. They often use similar domain names or subdomains to trick victims into believing they are on a legitimate website.
  • Social engineering: The scammers employ psychological manipulation techniques to exploit the trust and urgency associated with security updates. By creating a sense of fear or urgency, they increase the likelihood of victims falling for the scam.

Statistics on Email Scams

Email scams, including phishing attempts, have become a widespread problem. Here are some statistics that highlight the scale of the issue:

  • According to the FBI’s Internet Crime Complaint Center (IC3), phishing scams accounted for over $54 million in losses in 2020 alone.
  • A report by Verizon found that 36% of data breaches involved phishing attacks.
  • In a survey conducted by Proofpoint, 88% of organizations worldwide experienced spear-phishing attempts in 2020.
  • The Anti-Phishing Working Group (APWG) reported a 22% increase in phishing attacks in the first quarter of 2021 compared to the previous quarter.

Summary

The fake LogMeIn ‘Security Update’ email scam is a phishing attempt that targets users of the popular remote desktop software. Cybercriminals send fraudulent emails posing as LogMeIn and trick victims into entering their login credentials on fake websites. If you have fallen victim, it is crucial to change your password, enable two-factor authentication, scan your device for malware, monitor your accounts, and report the scam to LogMeIn. Email scams, including phishing attempts, are a significant problem, and it is essential to stay vigilant and educate oneself to avoid falling victim to such scams.

How to Stay Safe Online

Here are 10 basic security tips to help you avoid malware and protect your device:

  1. Use a good antivirus and keep it up-to-date.

    Shield Guide

    It's essential to use a good quality antivirus and keep it up-to-date to stay ahead of the latest cyber threats. We are huge fans of Malwarebytes Premium and use it on all of our devices, including Windows and Mac computers as well as our mobile devices. Malwarebytes sits beside your traditional antivirus, filling in any gaps in its defenses, and providing extra protection against sneakier security threats.

  2. Keep software and operating systems up-to-date.

    updates-guide

    Keep your operating system and apps up to date. Whenever an update is released for your device, download and install it right away. These updates often include security fixes, vulnerability patches, and other necessary maintenance.

  3. Be careful when installing programs and apps.

    install guide

    Pay close attention to installation screens and license agreements when installing software. Custom or advanced installation options will often disclose any third-party software that is also being installed. Take great care in every stage of the process and make sure you know what it is you're agreeing to before you click "Next."

  4. Install an ad blocker.

    Ad Blocker

    Use a browser-based content blocker, like AdGuard. Content blockers help stop malicious ads, Trojans, phishing, and other undesirable content that an antivirus product alone may not stop.

  5. Be careful what you download.

    Trojan Horse

    A top goal of cybercriminals is to trick you into downloading malware—programs or apps that carry malware or try to steal information. This malware can be disguised as an app: anything from a popular game to something that checks traffic or the weather.

  6. Be alert for people trying to trick you.

    warning sign

    Whether it's your email, phone, messenger, or other applications, always be alert and on guard for someone trying to trick you into clicking on links or replying to messages. Remember that it's easy to spoof phone numbers, so a familiar name or number doesn't make messages more trustworthy.

  7. Back up your data.

    backup sign

    Back up your data frequently and check that your backup data can be restored. You can do this manually on an external HDD/USB stick, or automatically using backup software. This is also the best way to counter ransomware. Never connect the backup drive to a computer if you suspect that the computer is infected with malware.

  8. Choose strong passwords.

    lock sign

    Use strong and unique passwords for each of your accounts. Avoid using personal information or easily guessable words in your passwords. Enable two-factor authentication (2FA) on your accounts whenever possible.

  9. Be careful where you click.

    cursor sign

    Be cautious when clicking on links or downloading attachments from unknown sources. These could potentially contain malware or phishing scams.

  10. Don't use pirated software.

    Shady Guide

    Avoid using Peer-to-Peer (P2P) file-sharing programs, keygens, cracks, and other pirated software that can often compromise your data, privacy, or both.

To avoid potential dangers on the internet, it's important to follow these 10 basic safety rules. By doing so, you can protect yourself from many of the unpleasant surprises that can arise when using the web.

Previous

‘Last Warning’ Email Phishing Scam: What You Need To Know!

Next

‘We Add New Photos’ — Google Photos Scam Email