Half Of Phishing Emails Target LinkedIn Accounts

LinkedIn users are being urged to watch out for suspicious emails because the professional networking website is one of the most popular brands targeted by cyber criminals in phishing attacks and and 52% of phishing attacks globally are focused on LinkedIn.

LinkedIn users are being urged to watch out for suspicious emails because the professional networking website is one of the most popular brands targeted by cyber criminals in phishing attacks.

LinkedIn has become the most targeted website for phishing attacks, with a 44% increase over the past quarter. The business social network now accounts for more than half of all phishing-related attacks globally, a surge which has likely been driven by the so-called ‘great resignation’, which has seen many workers looking for new jobs, as well as the large amount of personal information LinkedIn users share publicly. 

A particular is issue is that many users feel comfortable connecting with strangers on LinkedIn to build their professional networks, which makes it ideal for phishing scams. 

Security researchers at Check Point have released a Report detailing phishing attempts against LinkedIn users, where cyber criminal want usernames, passwords and social information. Check Point say that LinkedIn users should be wary of suspicious emails that seemingly come from LinkedIn.

If the recipient clicks on the link, they are taken to a spoofed login page that harvests credentials and lands them in the hands of attackers. The attackers could then use that information to log into the victim’s LinkedIn account.

Although the attacks are not sophisticated, leveraging a commonly used platform such as LinkedIn is a tactic used by phishers to fool recipients that don’t look close enough to spot the hallmarks of a phishing attack. Criminal groups frequently operate these phishing attempts on a large scale, delivering as many emails out to LinkedIn users as possible.

Some attacks will attempt to use publicly available information on social media accounts to tailor the phishing email and make it more convincing and a common tactic is to tell users that their account has been hacked.  

If you are worried that an email with a cyber security warning that says you need to change your password might be legitimate, the best course of action is to avoid the URL in the email and visit the website directly.  If there really is an issue, the website will tell you and you can take the necessary action. 

CheckPoint:  TechMonitor:  Oodaloop:    ZDNet:   Infosecurity Magazine:   InfoSec Today:   Indian Express

You Might Also Read: 

How Do The Facebook & LinkedIn Data Leaks Impact Their Users?:
 

« The Cyber Delusion Challenge For Small & Medium Businesses
Business Leaders Have A Legal Liability When A Data Breach Occurs »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Disklabs

Disklabs

Disklabs are industry leaders in data recovery, digital forensics and data erasure.

Lanner Electronics

Lanner Electronics

Lanner Electronics is a leading hardware provider for advanced network appliances and industrial automation solutions including cyber security.

ESTsecurity

ESTsecurity

ESTsecurity is a leading company in cyber security providing intelligent security solutions to make world more secure.

Cybrary

Cybrary

Cybrary is an open-source cyber security and IT learning and certification preparation platform.

Fedco International

Fedco International

Fedco International is an IT and SCADA ICS Security consultancy firm.

Banshie

Banshie

Banshie is an independent cyber security company with a small team of recognized specialist that are among the best in their field.

SynerLeap

SynerLeap

SynerLeap is ABB's innovation growth hub. Our aim is to help startups accelerate and expand across industries, ranging from industrial automation and robotics to grid technologies and smart cities.

CybrHawk

CybrHawk

CybrHawk is a leading provider of information security-driven risk intelligence solutions focused solely on protecting clients from cyber-attacks.

Rostelecom

Rostelecom

Rostelecom is Russia’s largest integrated provider of digital services and solutions, covering all market segments including consumer, governmental and private organizations.

Commvault

Commvault

Commvault's data protection and information management solutions help companies protect, access and use all of their data, anywhere and anytime.

Aardwolf Security

Aardwolf Security

Aardwolf Security specialise in penetration testing to the highest standards set out by OWASP. We ensure complete client satisfaction and aftercare.

TrustMe

TrustMe

TrustMe’s integrated platform for business trust and resilience keeps organizations safe, secure, and trustworthy.

FastPassCorp

FastPassCorp

In the world of IT, identity theft is a growing concern. FastPass offers an innovative solution as a cloud or on-premises offering.

NMi Group

NMi Group

NMi Group is a global pioneer in mission-critical Testing, Inspection, Certification, and Calibration (TICC) services.

CESAR

CESAR

CESAR is one of the premier R+D and innovation centers in Brazil and a designated Cybersecurity Competence Center.

CSIRT-Gnd

CSIRT-Gnd

CSIRT-Gnd provides 24x7 Computer Security Incident Response Services to citizens, companies and government agencies in Grenada.