The so-called “Great Resignation” and LinkedIn’s frequent email notifications are creating the perfect environment for criminals looking to steal login information from unsuspecting victims, researchers have warned.
A report from cybersecurity experts Egress found cybercriminals have noticed the opportunity to steal identities with the help of Linkedin's email notifications, as the number of phishing emails impersonating the recruitment site has grown 232%In February 2022 alone.
The premise is simple: threat actors know that LinkedIn sends numerous email notifications almost every day: from “you’ve appeared in X searches this week,” to “your profile matches this job,” to anything else in between.
Everyone's used to LinkedIn's emails
They also know that with these emails being frequent, and with so many people in-between jobs (or searching for jobs), they might not be as careful with each and every message received.
To top it off, these phishing emails often mention high-profile companies, to further motivate (or distract) people into clicking the link in the message.
The link, as you might imagine, will lead the victim to a website that looks identical to LinkedIn, but submitting the credentials there only means the details of their identities end up in the hands of the crooks.
“The attacks we have seen are bypassing traditional email security defenses to be delivered into people's inboxes. We advise organizations to examine their current anti-phishing securing stack to ensure they have intelligent controls deployed directly into people's mailboxes,” Egress said.
“Individuals should take extreme caution when reading notification emails that request them to click on a hyperlink, particularly on mobile devices. We recommend hovering over links before clicking on them and going directly to LinkedIn to check for messages and updates.”
LinkedIn, we would add, is not the only company being impersonated by cybercrooks in search of gullible users. Other major brands are being used for phishing as well, such as Amazon, DHL, Microsoft, and many, many others. Users should always pay attention to emails that carry links, or attachments, regardless of who the sender is.
Via: ZDNet
English
Arabic
Belarusian
Bengali
Bosnian
Bulgarian
Chinese (Simplified)
Croatian
Czech
Danish
Dutch
Estonian
Filipino
Finnish
French
Georgian
German
Greek
Gujarati
Hausa
Hebrew
Hindi
Hmong
Hungarian
Igbo
Indonesian
Italian
Japanese
Javanese
Kazakh
Korean
Kurdish (Kurmanji)
Kyrgyz
Lao
Latvian
Lithuanian
Macedonian
Malagasy
Norwegian
Persian
Polish
Portuguese
Punjabi
Romanian
Russian
Serbian
Slovak
Slovenian
Spanish
Swedish
Thai
Turkish
Ukrainian
Vietnamese
Yoruba