The Heartbleed bug – the OpenSSL vulnerability that exposes private keys, passwords and other information of most Internet users – has made a lot of headlines over the past days. This is why it has also attracted the attention of cybercriminals.
The first one who warned of phishing scams fueled by about Heartbleed was Australian security expert Troy Hunt.
The SANS Institute’s Rob VandenBrink has also published an advisory. VandenBrink says he has already received fake emails asking him to change his password on services for which he hasn’t signed up. The notifications contain links pointing to malware or phishing .
The expert says that some companies have started sending out messages that look like phishing emails.
The Heartbleed bug affects many major online services, which is why users are advised to their passwords as a precaution. It’s difficult to say what and whose data has been compromised, but it’s better to be safe than sorry.
LastPass has added a new to its Security Check tool so that users can check which are still vulnerable to heartbeat attacks.