Half Of Phishing Emails Target LinkedIn Accounts

Uploaded on 2022-04-25 in TECHNOLOGY-Key Areas-Social Media, FREE TO VIEW

LinkedIn users are being urged to watch out for suspicious emails because the professional networking website is one of the most popular brands targeted by cyber criminals in phishing attacks and and 52% of phishing attacks globally are focused on LinkedIn.

LinkedIn users are being urged to watch out for suspicious emails because the professional networking website is one of the most popular brands targeted by cyber criminals in phishing attacks.

LinkedIn has become the most targeted website for phishing attacks, with a 44% increase over the past quarter. The business social network now accounts for more than half of all phishing-related attacks globally, a surge which has likely been driven by the so-called ‘great resignation’, which has seen many workers looking for new jobs, as well as the large amount of personal information LinkedIn users share publicly. 

A particular is issue is that many users feel comfortable connecting with strangers on LinkedIn to build their professional networks, which makes it ideal for phishing scams. 

Security researchers at Check Point have released a Report detailing phishing attempts against LinkedIn users, where cyber criminal want usernames, passwords and social information. Check Point say that LinkedIn users should be wary of suspicious emails that seemingly come from LinkedIn.

If the recipient clicks on the link, they are taken to a spoofed login page that harvests credentials and lands them in the hands of attackers. The attackers could then use that information to log into the victim’s LinkedIn account.

Although the attacks are not sophisticated, leveraging a commonly used platform such as LinkedIn is a tactic used by phishers to fool recipients that don’t look close enough to spot the hallmarks of a phishing attack. Criminal groups frequently operate these phishing attempts on a large scale, delivering as many emails out to LinkedIn users as possible.

Some attacks will attempt to use publicly available information on social media accounts to tailor the phishing email and make it more convincing and a common tactic is to tell users that their account has been hacked.  

If you are worried that an email with a cyber security warning that says you need to change your password might be legitimate, the best course of action is to avoid the URL in the email and visit the website directly.  If there really is an issue, the website will tell you and you can take the necessary action. 

CheckPoint:  TechMonitor:  Oodaloop:    ZDNet:   Infosecurity Magazine:   InfoSec Today:   Indian Express

You Might Also Read: 

How Do The Facebook & LinkedIn Data Leaks Impact Their Users?:
 

« The Cyber Delusion Challenge For Small & Medium Businesses
Business Leaders Have A Legal Liability When A Data Breach Occurs »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

ForgeRock

ForgeRock

ForgeRock, the leader in digital identity, delivers comprehensive Identity and Access Management solutions for consumers, employees and things to simply and safely access the connected world.

General Dynamics Information Technology (GDIT)

General Dynamics Information Technology (GDIT)

General Dynamics IT delivers cyber security services to defend critical information and infrastructure.

Axiad IDS

Axiad IDS

Axiad IDS is a Trusted Identity solutions provider for enterprise, government and financial organizations.

Quokka

Quokka

Quokka (formerly Kryptowire) is the source for mobile security and privacy solutions, staying steps ahead of the threat and delivering peace of mind.

Salt Security

Salt Security

Salt Security protects the APIs that are the core of every SaaS, web, mobile, microservices and IoT application.

KOVRR

KOVRR

Kovrr financially quantifies cyber risk on demand. Our technology enables decision makers to seamlessly drive actionable cyber risk management decisions.

Department of Justice & Equality - Cybercrime Division - Ireland

Department of Justice & Equality - Cybercrime Division - Ireland

The Cybercrime division is responsible for developing policy in relation to the criminal activity and coordinating a range of different cyber initiatives at national and international level.

Splone

Splone

Splone is a Berlin-based IT security research team and consultancy. We help improve IT-security by offering red team assements, penetration tests, audits and customized consulting.

Zercurity

Zercurity

Zercurity is on a mission to build the ultimate cybersecurity operations platform for businesses. To help protect against a growing number of internal and external threats.

Whistic

Whistic

Whistic is a cloud-based platform that uses a unique approach to address the challenges of third-party risk management.

WidePoint

WidePoint

WidePoint Corporation is an innovative provider of Trusted Mobility Management (TM2) solutions.

Redhorse

Redhorse

Redhorse provides top-tier consulting to help clients address mission-critical government problems in National Security, Networking Technology, Energy and the Environment.

Nine23

Nine23

Nine23 are a highly focused cyber security solutions company that defines, builds and manages innovative services, enabling end-users to use technology securely in today’s workplace.

Finesse Global

Finesse Global

Finesse is a global system integration and digital business transformation company.

Port443

Port443

Port443 specialises in providing Security Orchestration, Automation and Remediation (SOAR) "as a service".

Dispel

Dispel

Dispel makes the fastest secure remote access for industrial networks. Built by operators for operators: a zero trust engine for your entire OT, IoT, and xIoT stack.