A Record Number of Phishing Attacks Leverage Linkedin

Update on LinkedIn phishing attacks

• Since February 1, 2022, cybersecurity firm Egress recorded a 232% increase in email phishing attacks that relied on LinkedIn.
• The attacks spoofed display names and stylized HTML templates to redirect victims to phishing links that harvested their credentials.
• Most of these attacks were targeted against Outlook 365 users in North America and the U.K.
• In order to look convincing and bypass email security defenses, the emails include multiple stylized HTML templates, including the LinkedIn logo, brand colors, and icons.
• The subject lines of these emails would have enticing headings such as ‘Who’s searching for you online,’ ‘You appeared in 4 searches this week,’ or ‘Your profile matches this job,’ or ‘You have 1 new message.’
• The cybercriminals also impersonate well-known organizations’ names, such as American Express and CVS Carepoint, to target more victims.

Spoofing organizations - a major concern

• In an investigation, Krebs On Security found that the scammers are leveraging the ‘Slinks’ feature in LinkedIn to conduct their phishing attacks.
• This enabled threat actors to hack business accounts and create their own ad campaigns.
• One such campaign using the Slinks or ‘LinkedIn links’ had redirected users to a fake website of Adobe and prompted them to share their Microsoft email account details to view a shared document.
• In another campaign, Slinks was used to spoof the U.S. Internal Revenue Service. Amazon and Paypal were also targeted in a similar way in different phishing attacks.

How to stay safe?