Phishing Emails from LinkedIn Connections

10475693668?profile=RESIZE_400xJust who are your LinkedIn connections?  LinkedIn users are being urged to watch out for suspicious emails because the professional networking website is one of the most popular brands targeted by cybercriminals in phishing attacks and an estimate of 52% of phishing attacks globally are focused on LinkedIn.  LinkedIn users are being urged to watch out for suspicious emails because the professional networking website is one of the most popular brands targeted by cybercriminals in phishing attacks.

LinkedIn has become the most targeted website for phishing attacks, with a 44% increase over the past quarter. The business social network now accounts for more than half of all phishing-related attacks globally, a surge which has likely been driven by the so-called ‘great resignation’, which has seen many workers looking for new jobs, as well as a large amount of personal information LinkedIn users share publicly.

A particular issue is that many users feel comfortable connecting with strangers on LinkedIn to build their professional networks, which makes it ideal for phishing scams.  Security researchers at Check Point have released a Report detailing phishing attempts against LinkedIn users, where cybercriminals want usernames, passwords, and social information. Check Point says that LinkedIn users should be wary of suspicious emails that seemingly come from LinkedIn.[1]

If the recipient clicks on the link, they are taken to a spoofed login page that harvests credentials and lands them in the hands of attackers. The attackers could then use that information to log into the victim’s LinkedIn account.

Although the attacks are not sophisticated, leveraging a commonly used platform such as LinkedIn is a tactic used by phishers to fool recipients that do not look close enough to spot the hallmarks of a phishing attack. Criminal groups frequently operate these phishing attempts on a large scale, delivering as many emails out to LinkedIn users as possible.

Another familiar strategy is soon after you accept a new connection, the person sends you a link to make an appointment or sends you an attachment to open.  These are frequently used tactics and they can be easily discarded.  Any questions, visit the public website of the organization and use the contact form and check out the web address to see if it is a spoof too.

Some attacks will attempt to use publicly available information on social media accounts to tailor the phishing email and make it more convincing and a common tactic is to tell users that their account has been hacked.

If you are worried that an email with a cyber security warning that says you need to change your password might be legitimate, the best course of action is to avoid the URL in the email and visit the website directly.  If there really is an issue, the website will tell you and you can take the necessary action.

Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization.  For questions, comments, or assistance, please contact the office directly at 1-844-492-7225, or feedback@wapacklabs. com    

Weekly Cyber Intelligence Briefings:

Weekly Cyber Intelligence Briefings:

REDSHORTS - Weekly Cyber Intelligence Briefings

https://attendee.gotowebinar.com/register/5504229295967742989

 

[1] https://www.cybersecurityintelligence.com/blog/half-of-phishing-emails-target-linkedin-accounts--6258.html

E-mail me when people leave their comments –

You need to be a member of Red Sky Alliance to add comments!