LinkedIn phishing scams up 232 percent since early February

top cybersecurity companies

Cyber ​​criminals primarily imitate automated messages sent by LinkedIn. They are intended to trick users into entering their access data on fake login pages.

Phishing attacks impersonating LinkedIn emails have increased by 232 percent since early February, according to cybersecurity firm Egress. According to its report, cyber criminals use stylized HTML templates to trick their victims into clicking phishing links in Outlook 365 and then entering their credentials on fraudulent websites.

Many people have become accustomed to receiving emails from LinkedIn with content such as “You appeared in 4 searches this week”, “You have 1 new message” and “Your profile matches this job”. Cyber ​​criminals use this to send fake emails with the same subject lines.

“The emails use multiple HTML templates, including the LinkedIn logo, branding colors and icons. In the body of the email, cybercriminals use the names of other well-known organizations (including American Express and CVS Carepoint) to make the attacks more convincing,” explains Egress.

“When a victim clicks on the phishing links, they are redirected to a website that asks for their LinkedIn credentials. The footer contains elements from the real LinkedIn email footer, including global headquarters address, unsubscribe and support hyperlinks, and recipient information.”

“The attacks we’ve seen bypass traditional email security mechanisms to get into users’ inboxes. We advise organizations to review their current anti-phishing security system to ensure they have intelligent controls deployed directly in users’ mailboxes,” added Egress.

Leave a Reply

Your email address will not be published.