Security News

LinkedIn remains the most impersonated brand in phishing attacks
2022-07-20 15:36

LinkedIn is holding the top spot for the most impersonated brand in phishing campaigns observed during the second quarter of 2022. Compared to the first quarter of the year, LinkedIn impersonation dropped from 52% to 45%. However, it maintains a considerable distance from the second most imitated brand by fraudsters, Microsoft, currently at 13%. The central theme in spoofed Microsoft emails is requests to verify Outlook accounts to steal usernames and passwords.

LinkedIn and Microsoft are the most impersonated brands in phishing attacks
2022-07-19 13:25

LinkedIn and Microsoft are the most impersonated brands in phishing attacks. LinkedIn and Microsoft took top spots as the most exploited brands in phishing attacks last quarter, Check Point Research reported on Tuesday.

LinkedIn was the most exploited brand in phishing attacks last quarter
2022-04-19 14:55

LinkedIn was the most exploited brand in phishing attacks last quarter. A report released Tuesday by cyber threat intelligence provider Check Point Research notes LinkedIn as the brand most seen in the latest phishing campaigns.

LinkedIn brand takes lead as most impersonated in phishing attacks
2022-04-19 10:14

Security researchers are warning that LinkedIn has become the most spoofed brand in phishing attacks, accounting for 52% of all such incidents at a global level. The data comes cybersecurity company Check Point, who recorded a dramatic uptick in LinkedIn brand abuse in phishing incidents in the first quarter of this year.

Massive LinkedIn Phishing, Bot Attacks Feed on the Job-Hungry
2022-02-16 21:15

Just since Feb. 1, analysts have watched phishing email attacks impersonating LinkedIn surge 232 percent, attempting to trick job seekers into giving up their credentials. The phishing emails themselves were convincing dupes, built in HTML templates with the LinkedIn logo, colors and icons, the report added.

Don't fall for LinkedIn phishing: How to watch for this credential-stealing attack
2021-11-15 16:00

Learn how to detect phishing on LinkedIn and protect yourself from it. Abusing LinkedIn is one of those techniques that is very effective because a lot of professionals use and depend on LinkedIn for their activities or work relationships.

You can post LinkedIn jobs as almost ANY employer — so can attackers
2021-08-19 16:52

"Anyone can post a job under a company's LinkedIn account and it appears exactly the same as a job advertised by a company." If Google's LinkedIn company page is vulnerable, we will be able to post a job on their behalf and add some parameters to redirect applicants to a new website where we can harvest and what not usual tricks of social engineering," Singh further told BleepingComputer.

You can post LinkedIn jobs as ANY employer — so can attackers
2021-08-19 16:52

EXCLUSIVE: Anyone can create a job listing on the leading recruitment platform LinkedIn on behalf of any employer-no verification needed. "Anyone can post a job under a company's LinkedIn account and it appears exactly the same as a job advertised by a company."

Safari Zero-Day Used in Malicious LinkedIn Campaign
2021-07-15 11:04

Threat actors used a Safari zero-day flaw to send malicious links to government officials in Western Europe via LinkedIn before researchers from Google discovered and reported the vulnerability. TAG researchers discovered the Safari WebKit flaw, tracked as CVE-​2021-1879, on March 19.

Google: Russian SVR hackers targeted LinkedIn users with Safari zero-day
2021-07-14 16:56

Google security researchers shared more information on four security vulnerabilities, also known as zero-days, unknown before they discovered them being exploited in the wild earlier this year. The four security flaws were found by Google Threat Analysis Group and Google Project Zero researchers after spotting exploits abusing zero-day in Google Chrome, Internet Explorer, and WebKit, the engine used by Apple's Safari web browser.