LinkedIn emails are hiding phishing scams

LinkedIn spam
(Image credit: 13_Phunkod / Shutterstock.com)

LinkedIn users are being warned to beware emails reportedly coming from the site following a rise in recent message scams.

A report from KnowBe4 found that scammers are harnessing emails from some of the world's most popular social media sites to launch phishing scams against unsuspecting users. 

LinkedIn has become the most popular tool to target potential victims, with more than half of all social media phishing email using the Microsoft-owned platform as a hook.

LinkedIn scam

Phishing scams see cybercriminals target users with spoof emails designed to look as though they originate from a large-scale organisation. Social media sites have become increasingly popular in such scams in recent years, with social media phishing attacks rose 75 percent in 2019.

Overall, KnowBe4's tests found that LinkedIn was used in 56 percent of the top phishing emails, more than all the other tests using other social media networks combined.

The report also highlighted that password reset emails were found to be particularly effective, as were fake login alerts, birthday invites, and photo tag alerts. So-called in-the-wild attacks were found to be especially effective when they asked for action from the recipient, such as being invited to share an Outlook calendar or being assigned a task in a Microsoft platform.

KnowBe4 says that its findings show the importance of training users how to spot and manage potentially malicious emails, especially in the workplace.

“It feels good to ‘join my network’ or connect with someone in some way – that’s why social media phishing attacks are so successful,” said Stu Sjouwerman, CEO of KnowBe4. 

“Users innately trust their ‘verified’ contacts so are more apt to click on a link that come from someone they know. It’s becoming harder to identify phishing attacks, but our users are smarter than the bad guys think and can absolutely be trained to identify and avoid phishing and social engineering attacks.”

Mike Moore
Deputy Editor, TechRadar Pro

Mike Moore is Deputy Editor at TechRadar Pro. He has worked as a B2B and B2C tech journalist for nearly a decade, including at one of the UK's leading national newspapers and fellow Future title ITProPortal, and when he's not keeping track of all the latest enterprise and workplace trends, can most likely be found watching, following or taking part in some kind of sport.

Latest in Security
Data Breach
Thousands of healthcare records exposed online, including private patient information
China
Juniper patches security flaws which could have let hackers take over your router
Representational image depecting cybersecurity protection
GitLab has patched a host of worrying security issues
Ai tech, businessman show virtual graphic Global Internet connect Chatgpt Chat with AI, Artificial Intelligence.
AI agents can be hijacked to write and send phishing attacks
China
Volt Typhoon threat group had access to American utility networks for the best part of a year
Abstract image of cyber security in action.
MassJacker malware targets those looking for pirated software
Latest in News
Google Pixel 8a in aloe green showing
Google Pixel 9a benchmark link teases the performance of the upcoming mid-ranger
Quordle on a smartphone held in a hand
Quordle hints and answers for Monday, March 17 (game #1148)
NYT Strands homescreen on a mobile phone screen, on a light blue background
NYT Strands hints and answers for Monday, March 17 (game #379)
NYT Connections homescreen on a phone, on a purple background
NYT Connections hints and answers for Monday, March 17 (game #645)
Apple iPhone 16 Pro HANDS ON
Leaked iPhone 17 dummy units may have given us our best look yet at all four models
A super close up image of the Google Gemini app in the Play Store
It's official: Google Assistant will be retired for phones this year, with Gemini taking over