More and more phishing campaigns are targeting LinkedIn users. According to the company specializing in computer security Egress, the number of phishing attacks has increased by 232% since the beginning of February 2022. A worrying phenomenon at a time when the professional social network is recording more and more users.
With hundreds of millions of users around the world, LinkedIn has always been a prime target for hackers and crooks of all stripes. Examples of this abound. We remember this hack which allowed a hacker to sell the data of 827 million accounts. Or those fake job offers that hid malware.
However, since the beginning of February 2022, the number of phishing campaigns targeting users of the professional social network is skyrocketing. This is in any case what reveals a survey conducted by the company specializing in computer security Egress. According to their data, Phishing attacks increased by 232% in just one month. The modus operandi remains classic: hackers exploit and hijack LinkedIn’s image in fake emails to encourage victims to enter their credentials.
A task clearly facilitated by the very operation of LinkedIn, which is used to to send multiple e-mails to its users to inform them of various informationsuch as the number of times their profile has appeared in searches, new incoming messages or whether their profile matches recent job offers.
Also read: Meta attacks two scammers for flooding Facebook with phishing
LinkedIn, a prime target for phishing campaigns
Of course, hackers use these different objects to fool users. “The emails use several stylized HTML templates, including the LinkedIn logo, brand colors, and icons. In the body of the email, the cybercriminal uses the names of other well-known organizations to make the attacks more convincing,” details one of the members of Egress.
He pursues : “When the victim clicks on the phishing link, it redirects them to a website that harvests their LinkedIn login credentials. The footer replicates elements from the footer of genuine LinkedIn emails, including the corporate office address, hyperlinks to unsubscribe and to their support section, and recipient information.”
Their research focused only on the United States and the United Kingdom, Mays it’s a safe bet that these campaigns also target French users. In the opinion of the researchers, the easiest way to avoid being trapped is to systematically go to the LinkedIn site to check for messages and updates, rather than going through these potentially dangerous emails.