Security News > 2022 > February > Massive LinkedIn Phishing, Bot Attacks Feed on the Job-Hungry
Just since Feb. 1, analysts have watched phishing email attacks impersonating LinkedIn surge 232 percent, attempting to trick job seekers into giving up their credentials.
The phishing emails themselves were convincing dupes, built in HTML templates with the LinkedIn logo, colors and icons, the report added.
"While the display name is always LinkedIn and the emails all follow a similar pattern, the phishing attacks are sent from different webmail addresses that have zero correlation with each other," the analysts added.
Last summer, a massive data-scraping attack against LinkedIn was discovered to have collected at least 1.2 billion user records that were later sold on underground forums.
"It boils down to the fact that LinkedIn has hundreds of millions of members - many of whom are very accustomed to seeing frequent legitimate emails from LinkedIn - and may inevitably click without carefully checking that each and every email is the real deal."
"Given these emails are coming from a legit LinkedIn email address makes it especially difficult to identify the danger. My rule is to never click on email links. Always visit the site directly."
News URL
https://threatpost.com/massive-linkedin-phishing-bot-attacks-hungry-job-seekers/178476/
Related news
- Ransomware gangs pose as IT support in Microsoft Teams phishing attacks (source)
- Microsoft Teams phishing attack alerts coming to everyone next month (source)
- How to Prevent Phishing Attacks with Multi-Factor Authentication (source)
- Microsoft: Hackers steal emails in device code phishing attacks (source)
- Darktrace: 96% of Phishing Attacks in 2024 Exploited Trusted Domains Including SharePoint & Zoom Docs (source)
- Phishing attack hides JavaScript using invisible Unicode trick (source)
- FatalRAT Phishing Attacks Target APAC Industries Using Chinese Cloud Services (source)