LinkedIn is now the most imitated brand by cybercriminals

Suspicious emails from LinkedIn could be phishing for your credentials

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Thejob siteand professional social networkLinkedInaccounted for more than half of all brand phishing attacks during the first quarter of this year.

According toCheck Point Research(CPR), this is the first time that LinkedIn has taken the top spot in its 2022 Q1 Brand Phishing Report. The professional social network was impersonated in 52 percent of all phishing attacks globally during Q1 which marks a dramatic, 44 percent increase from the previous quarter.

Share your thoughts on Cybersecurity and get a free copy of the Hacker’s Manual 2022.Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at theend of this surveyto get the bookazine, worth $10.99/£10.99.

At the same time, CPR’s new report shows that cybercriminals now prefer to leverage social networks overshipping companiesand tech giants includingGoogle,MicrosoftandApple.

As for the rest of the companies whose brands are frequently used in phishing attempts, global shipping companyDHLtook the second spot at 14 percent, followed by Google (7%), Microsoft (7%) and FedEx (6%). Besides these companies,Amazon, Maersk, AliExpress, Apple andWhatsApprounded out CPR’s top 10 list with Meta-ownedWhatsAppaccounting for almost 1 in 20 phishing-related attacks worldwide.

Brand phishing attacks

For those unfamiliar, in abrand phishing attack, cybercriminals attempt to imitate the official website of a well-known company by using a similardomain nameand webpage design.

From here, links to fake websites are sent to targeted individuals by email or text message. These fake websites also often contain a form intended to steal user credentials, payment details or other personal information.

LinkedIn is becoming a paradise for phishing attacks>These companies are the most impersonated in email phishing campaigns>Cybercriminals are targeting outdated WordPress sites to run phishing ads

Data research group manager at Check Point Software, Omer Dembinsky explained in ablog posthow the cybercriminals behind brand phishing attacks will also try to deploymalwareon company networks in addition to stealing sensitive personal and business information, saying:

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

“These phishing attempts are attacks of opportunity, plain and simple. Criminal groups orchestrate these phishing attempts on a grand scale, with a view to getting as many people to part with their personal data as possible. Some attacks will attempt to gain leverage over individuals or steal their information, such as those we’re seeing with LinkedIn. Others will be attempts to deploy malware on company networks, such as the fake emails containing spoof carrier documents that we’re seeing with the likes of Maersk. If there was ever any doubt that social media would become one of the most heavily targeted sectors by criminal groups, Q1 has laid those doubts to rest.”

In order to avoid falling victim to brand phishing attacks, CPR recommends that users remain cautious when divulging personal data and credentials to business applications or websites, think twice before opening email attachments or links, look formisspellingsin emails and the domains used by websites and beware ofurgent requestssuch as “change your password now”.

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.

A new form of macOS malware is being used by devious North Korean hackers

Scammers are using fake copyright infringement claims to hack businesses

Australian Beach Volleyball Tour live stream: How to watch bronze and gold medal matches online for free, finals, start time