Larry keeps getting notifications about a video he posted on Facebook. People are complaining that they can't open it. Leo says that it's a phishing scam and they likely got his email address on a mailing list, then hacked into his Facebook page. Larry changed his password. But it happened again a day later. Could his LastPass password be compromised?
Leo says that he can look in LastPass to see what's happening, but he doesn't think Larry's LastPass has been compromised. He thinks that Larry's Facebook address has been spoofed. Hackers can clone an account and then use it to send messages. Leo also recommends turning on two-factor authentication on both Facebook and LastPass. That really slows the bad guys down.
From the chatroom - Make sure his friends' list isn't set to public. They can easily steal the list if it is. Go through the Facebook privacy settings and make them all friends only. Account options. Advanced. Other Sessions. That will show if the account has been logged in from another IP.