Security News > 2022 > February > Massive LinkedIn Phishing, Bot Attacks Feed on the Job-Hungry

Just since Feb. 1, analysts have watched phishing email attacks impersonating LinkedIn surge 232 percent, attempting to trick job seekers into giving up their credentials.

The phishing emails themselves were convincing dupes, built in HTML templates with the LinkedIn logo, colors and icons, the report added.

"While the display name is always LinkedIn and the emails all follow a similar pattern, the phishing attacks are sent from different webmail addresses that have zero correlation with each other," the analysts added.

Last summer, a massive data-scraping attack against LinkedIn was discovered to have collected at least 1.2 billion user records that were later sold on underground forums.

"It boils down to the fact that LinkedIn has hundreds of millions of members - many of whom are very accustomed to seeing frequent legitimate emails from LinkedIn - and may inevitably click without carefully checking that each and every email is the real deal."

"Given these emails are coming from a legit LinkedIn email address makes it especially difficult to identify the danger. My rule is to never click on email links. Always visit the site directly."

News URL

https://threatpost.com/massive-linkedin-phishing-bot-attacks-hungry-job-seekers/178476/