LinkedIn is known as a professional social networking website that helps to connect companies with experienced professionals. But in the past few months, the company’s name is being used by cyber criminals as the most spoofed brand to send phishing emails.
Check Point, a security-based research firm found in its analysis that LinkedIn’s name is being abused by cyber criminals in sending phishing emails to innocent professionals so far in the year 2022.
Last year, LinkedIn was seen at the 5th spot with the count of impersonating attacks lying at 8%.
This year, it has surpassed package delivery company DHL and topped the list of the most used brand in sending impersonating emails.
Next in the list are companies such as DHL and FedEx sharing the same spot and Maersk, Ali Express and Blue Dart.
Meaning, criminals are using the name of these companies and sending malicious emails to victims saying that a parcel on their name is about to be delivered and the company needs to know some personal details from the victim for parcel authentication.
Information such as email ID, contact number and sometimes Dobs are being asked by the hackers for parcel delivery and after they get such details, they vanish without a trace- only to use the details thereafter to launch hacking campaigns.
With LinkedIn, the usage and attack posture are different. The criminals use the company logo and name and first send connection request emails to the victims. And as soon as the victim clicks on the “Accept Button” they take the victim to a phishing website that then harvests their personal info from the infected system or smart phone.
So, all you guys using LinkedIn, please beware of such cyber attack attempts before it is too late.