Security News > 2022 > April > LinkedIn brand takes lead as most impersonated in phishing attacks
Security researchers are warning that LinkedIn has become the most spoofed brand in phishing attacks, accounting for 52% of all such incidents at a global level.
The data comes cybersecurity company Check Point, who recorded a dramatic uptick in LinkedIn brand abuse in phishing incidents in the first quarter of this year.
According to the company, in the last quarter of 2021, LinkedIn held the fifth spot on the list, the count for impersonating attacks being a much lower 8%. The second most mimicked brand is German package delivery DHL, which previously was at the top of the list.
In a LinkedIn impersonation sample that Check Point provided, the phishing email reaching the target's inbox features LinkedIn logos and company-specific style, with a fraudulent request to connect with a made-up firm.
In the case of LinkedIn, which is a professional-focused social media platform, the threat actors are likely aiming to perform spear-phishing attacks on high-interest targets, employees of specific companies and organizations.
The scale recorded by Check Point this time indicates that LinkedIn impersonation is no longer limited to advanced, narrow targeting threat groups like Lazarus.
News URL
Related news
- Australian Organisations Targeted by Phishing Attacks Disguised as Atlassian (source)
- Free Sniper Dz Phishing Tools Fuel 140,000+ Cyber Attacks Targeting User Credentials (source)
- DOJ, Microsoft seize 107 domains used in Russia's Star Blizzard phishing attacks (source)
- GitHub, Telegram Bots, and ASCII QR Codes Abused in New Wave of Phishing Attacks (source)
- Astaroth Banking Malware Resurfaces in Brazil via Spear-Phishing Attack (source)
- Midnight Blizzard Escalates Spear-Phishing Attacks On Over 100 Organizations (source)
- Windows infected with backdoored Linux VMs in new phishing attacks (source)