Half Of Phishing Emails Target LinkedIn Accounts
LinkedIn users are being urged to watch out for suspicious emails because the professional networking website is one of the most popular brands targeted by cyber criminals in phishing attacks and and 52% of phishing attacks globally are focused on LinkedIn.
LinkedIn users are being urged to watch out for suspicious emails because the professional networking website is one of the most popular brands targeted by cyber criminals in phishing attacks.
LinkedIn has become the most targeted website for phishing attacks, with a 44% increase over the past quarter. The business social network now accounts for more than half of all phishing-related attacks globally, a surge which has likely been driven by the so-called ‘great resignation’, which has seen many workers looking for new jobs, as well as the large amount of personal information LinkedIn users share publicly.
A particular is issue is that many users feel comfortable connecting with strangers on LinkedIn to build their professional networks, which makes it ideal for phishing scams.
Security researchers at Check Point have released a Report detailing phishing attempts against LinkedIn users, where cyber criminal want usernames, passwords and social information. Check Point say that LinkedIn users should be wary of suspicious emails that seemingly come from LinkedIn.
If the recipient clicks on the link, they are taken to a spoofed login page that harvests credentials and lands them in the hands of attackers. The attackers could then use that information to log into the victim’s LinkedIn account.
Although the attacks are not sophisticated, leveraging a commonly used platform such as LinkedIn is a tactic used by phishers to fool recipients that don’t look close enough to spot the hallmarks of a phishing attack. Criminal groups frequently operate these phishing attempts on a large scale, delivering as many emails out to LinkedIn users as possible.
Some attacks will attempt to use publicly available information on social media accounts to tailor the phishing email and make it more convincing and a common tactic is to tell users that their account has been hacked.
If you are worried that an email with a cyber security warning that says you need to change your password might be legitimate, the best course of action is to avoid the URL in the email and visit the website directly. If there really is an issue, the website will tell you and you can take the necessary action.
CheckPoint: TechMonitor: Oodaloop: ZDNet: Infosecurity Magazine: InfoSec Today: Indian Express:
You Might Also Read:
How Do The Facebook & LinkedIn Data Leaks Impact Their Users?: