LinkedIn is becoming a paradise for phishing attacks

News
By published

No, Tesla is probably not going through your LinkedIn profile

LinkedIn
(Image credit: LinkedIn)

The so-called "Great Resignation" and LinkedIn’s frequent email notifications are creating the perfect environment for criminals looking to steal login information from unsuspecting victims, researchers have warned.

A report from cybersecurity experts Egress found cybercriminals have noticed the opportunity to steal identities with the help of Linkedin's email notifications, as the number of phishing emails impersonating the recruitment site has grown 232%In February 2022 alone.

The premise is simple: threat actors know that LinkedIn sends numerous email notifications almost every day: from “you’ve appeared in X searches this week,” to “your profile matches this job,” to anything else in between. 

Everyone's used to LinkedIn's emails

They also know that with these emails being frequent, and with so many people in-between jobs (or searching for jobs), they might not be as careful with each and every message received.

To top it off, these phishing emails often mention high-profile companies, to further motivate (or distract) people into clicking the link in the message. 

The link, as you might imagine, will lead the victim to a website that looks identical to LinkedIn, but submitting the credentials there only means the details of their identities end up in the hands of the crooks.

"The attacks we have seen are bypassing traditional email security defenses to be delivered into people's inboxes. We advise organizations to examine their current anti-phishing securing stack to ensure they have intelligent controls deployed directly into people's mailboxes," Egress said.

Read more

> LinkedIn URLs are being hijacked for phishing

> This LinkedIn phishing scam abuses Google Forms to siphon your personal details

> LinkedIn emails are hiding phishing scams

"Individuals should take extreme caution when reading notification emails that request them to click on a hyperlink, particularly on mobile devices. We recommend hovering over links before clicking on them and going directly to LinkedIn to check for messages and updates."

LinkedIn, we would add, is not the only company being impersonated by cybercrooks in search of gullible users. Other major brands are being used for phishing as well, such as Amazon, DHL, Microsoft, and many, many others. Users should always pay attention to emails that carry links, or attachments, regardless of who the sender is. 

Via: ZDNet

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read more
linkedin
Watch out - that LinkedIn email could be a fake, laden with malware
Hacker silhouette working on a laptop with North Korean flag on the background
North Korean hackers are targeting LinkedIn jobseekers with new malware - here's how to stay safe
Fraude en ligne phishing
Phishing clicks nearly tripled in 2024 as criminals aim for smarter attacks
A fish hook is lying across a computer keyboard, representing a phishing attack on a computer system
Everything you need to know about phishing
Phishing
Corporate executives are being increasingly targeted by AI phishing scams
unblock facebook with vpn
A new Facebook phishing campaign looks to trick you with emails sent from Salesforce
Latest in Security
cybersecurity
Chinese government hackers allegedly spent years undetected in foreign phone networks
Data leak
A major Keenetic router data leak could put a million households at risk
Code Skull
Interpol operation arrests 300 suspects linked to African cybercrime rings
Insecure network with several red platforms connected through glowing data lines and a black hat hacker symbol
Multiple routers hit by new critical severity remote command injection vulnerability, with no fix in sight
Code Skull
This dangerous new ransomware is hitting Windows, ARM, ESXi systems
An abstract image of a lock against a digital background, denoting cybersecurity.
Critical security flaw in Next.js could spell big trouble for JavaScript users
Latest in News
Open AI
OpenAI unveiled image generation for 4o – here's everything you need to know about the ChatGPT upgrade
Apple WWDC 2025 announced
Apple just announced WWDC 2025 starts on June 9, and we'll all be watching the opening event
Hornet swings their weapon in mid air
Hollow Knight: Silksong gets new Steam metadata changes, convincing everyone and their mother that the game is finally releasing this year
OpenAI logo
OpenAI just launched a free ChatGPT bible that will help you master the AI chatbot and Sora
NetSuite EVP Evan Goldberg at SuiteConnect London 2025
"It's our job to deliver constant innovation” - NetSuite head on why it wants to be the operating system for your whole business
Monster Hunter Wilds
Monster Hunter Wilds Title Update 1 launches in early April, adding new monsters and some of the best-looking armor sets I need to add to my collection
More about security
cybersecurity

Chinese government hackers allegedly spent years undetected in foreign phone networks
Data leak

A major Keenetic router data leak could put a million households at risk
Tesla Model Y 2025

Tesla’s EU sales are in freefall as VW races ahead, but the Model Y could change all that
See more latest
Most Popular
Tesla Model Y 2025
Tesla’s EU sales are in freefall as VW races ahead, but the Model Y could change all that
Asus NUC 15 Pro+
Asus unveils its most powerful mini PC to date — but I don't think the Intel-powered NUC 15 Pro+ will compete with Strix Halo models
HDD
Seagate teams with Nvidia to build an NVMe hard drive proof of concept, more than 3 years after its last effort
Open AI
OpenAI unveiled image generation for 4o – here's everything you need to know about the ChatGPT upgrade
NetSuite EVP Evan Goldberg at SuiteConnect London 2025
"It's our job to deliver constant innovation” - NetSuite head on why it wants to be the operating system for your whole business
Apple WWDC 2025 announced
Apple just announced WWDC 2025 starts on June 9, and we'll all be watching the opening event
Hornet swings their weapon in mid air
Hollow Knight: Silksong gets new Steam metadata changes, convincing everyone and their mother that the game is finally releasing this year
OpenAI logo
OpenAI just launched a free ChatGPT bible that will help you master the AI chatbot and Sora
Monster Hunter Wilds
Monster Hunter Wilds Title Update 1 launches in early April, adding new monsters and some of the best-looking armor sets I need to add to my collection
cybersecurity
Chinese government hackers allegedly spent years undetected in foreign phone networks