LinkedIn is becoming a paradise for phishing attacks
No, Tesla is probably not going through your LinkedIn profile
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
The so-called “Great Resignation” and LinkedIn’s frequentemailnotifications are creating the perfect environment for criminals looking to steal login information from unsuspecting victims, researchers have warned.
A report from cybersecurity experts Egress found cybercriminals have noticed the opportunity tosteal identitieswith the help of Linkedin’s email notifications, as the number of phishing emails impersonating the recruitment site has grown 232%In February 2022 alone.
The premise is simple: threat actors know thatLinkedInsends numerous email notifications almost every day: from “you’ve appeared in X searches this week,” to “your profile matches this job,” to anything else in between.
Everyone’s used to LinkedIn’s emails
They also know that with these emails being frequent, and with so many people in-between jobs (or searching for jobs), they might not be as careful with each and every message received.
To top it off, these phishing emails often mention high-profile companies, to further motivate (or distract) people into clicking the link in the message.
The link, as you might imagine, will lead the victim to a website that looks identical to LinkedIn, but submitting thecredentialsthere only means the details of theiridentitiesend up in the hands of the crooks.
“The attacks we have seen are bypassing traditional email security defenses to be delivered into people’s inboxes. We advise organizations to examine their current anti-phishing securing stack to ensure they have intelligent controls deployed directly into people’s mailboxes,” Egress said.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
LinkedIn URLs are being hijacked for phishing>This LinkedIn phishing scam abuses Google Forms to siphon your personal details>LinkedIn emails are hiding phishing scams
“Individuals should take extreme caution when reading notification emails that request them to click on a hyperlink, particularly on mobile devices. We recommend hovering over links before clicking on them and going directly to LinkedIn to check for messages and updates.”
LinkedIn, we would add, is not the only company being impersonated by cybercrooks in search of gullible users. Other major brands are being used for phishing as well, such asAmazon, DHL,Microsoft, and many, many others. Users should always pay attention to emails that carry links, or attachments, regardless of who the sender is.
Via:ZDNet
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
This new phishing strategy utilizes GitHub comments to distribute malware
Should your VPN always be on?
LG Electronics sets ambitious B2B revenue goal to offset declining consumer demand
