Update 1/23: ListPass confirmed to PCMag that it has seen another wave of phishing emails sent to its customers since its original report on Tuesday, with similar email designs but different communication tactics to fool targets into sharing data with the scammers.
It says hackers are using the email address format support@listpass. This is followed by a series of two to five different characters. You should look for prominent URLs in emails from scammers, who use Security LastPass.com to activate users.
ListPass reminds all users to ensure that emails come from a legitimate address. It says its emails came from five options, including @lastpass.com, @sendgrid.com, @m.lastpass.com, @t.lastpass.com, and @ar.lastpass.com. You can read more tips from a password manager here.
Original story 1/20:
If you use ListPass as your password manager, be on the lookout for ongoing email scams that aim to gain access to your vault of logins and personal information.
The password management company warned users that it has seen an influx of phishing emails sent since January 19. ListPass says it hasn’t sent any emails asking users to back up their wallets in the next 24 hours.
At the top of the email is a clear call to action asking users to “back up now”, which is a hyperlink with a fake address.
Listpass says the link directs users to a phishing site hosted at “group-shared-gen 2.s3.eu-west-3.amazonaws (.)com/5yavgx51zzgf”. ” It then redirects to a website called “maillistpass.com”, which has no affiliation with the password manager.
The emails have been sent under a variety of subjects, including “Protect your passwords: Back up your wallet (24-hour window),” “Listpass infrastructure update: Secure your wallet now,” and “Don’t forget: Back up your wallet before restoring.”
Recommended by our editors
ListPass notes that the scammers likely coordinated the campaign in the US starting on Martin Luther King Jr. Day, in an attempt to take advantage of the holiday period when fewer staff members may be available to deal with scams.
The brand says it is working with partners to take down fake domains. It also says it will never ask you directly for your master password outside of its tools, emphasizing caution when interacting with emails visible from the password manager and prompting a user to take action.
In October last year, ListPass saw another phishing scam targeting posthumous legacy features. Scammers aim to trick customers into handing over details for a feature that provides emergency access to an account after the customer dies.
Get our best stories!
Stay safe with the latest security news and updates
By clicking Sign Up, you confirm that you are 16+ years of age and agree to our Terms of Use and Privacy Policy.
Thanks for signing up!
Your membership has been confirmed. Watch your inbox!
About our expert
Experience
I have been a journalist for more than a decade since my start in tech reporting in 2013. I joined PCMag in 2025, where I cover the latest developments in the tech world, writing about the gadgets and services you use every day. Be sure to send me any tips you think would be of interest to PCMAG.
Read full bio
