Phishing attacks impersonating LinkedIn emails grew by over 230% in the month of February 2022 alone.
According to a recent study by Egress, a cybersecurity firm, cybercriminals are increasingly using webmail addresses with LinkedIn display names to send fake emails whose subject lines mimic genuine LinkedIn notifications. Most people are accustomed to seeing emails from LinkedIn with messages such as, “You have 1 new message”, “You appeared in 4 searches this week”, and “Your profile matches this job.”
The report from Egress indicated that the emails deploy different stylized HTML templates, including LinkedIn brand icons, colors, and logos. Inside the email, the cybercriminals use other names from well-known organizations, such as CVS, Carrefour, and American Express, to make their attacks appear more convincing.
Cybersecurity researchers at Check Point Software have further urged LinkedIn users to watch out for suspicious emails because over half of all phishing attacks (52% for the first half of 2022) tried to leverage LinkedIn.
How the Phishing Emails Work
The phishing emails are designed to look as if they come from LinkedIn. If the unsuspecting recipient clicks on the link, they are sent to a login page built to resemble LinkedIn's. If the individual enters their email address and password there, they are in fact handing them to the attacker, who in turn uses that information to log in to the victim's LinkedIn account.
The attacks themselves are not particularly sophisticated. However, because they target a regularly used service such as LinkedIn, there is a high chance that many recipients will not realize they are dealing with a phishing attempt.
Omer Dembinsky, Check Point Software research manager, stated that phishing attempts are “attacks of opportunity.” He reasoned that criminal groups orchestrate such phishing attempts on a grand scale to get as many people as possible to give out their personal data. In most cases, the primary objective, as witnessed through LinkedIn attacks, is to steal passwords and usernames. However, the same links can be used to share attachments that attackers use to deliver malware.
How to Stay Safe
The report by Egress encourages firms to safeguard their information systems by training employees to identify suspicious anomalies such as incorrect dates, misspelled domains, typos, and other details that can easily expose a malicious text message or email. LinkedIn users in particular must be highly vigilant given these trends.
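The mismatch the Egress report describes, a LinkedIn display name on a webmail or look-alike sending address, can also be checked mechanically. The following is an added example, not code from Egress, Check Point, or LinkedIn; the trusted-domain set, the webmail list, the verdict names, and the sample messages are all assumptions constructed for illustration.

```python
from email import message_from_string, policy

# Assumptions (not from the article): the legitimate sending domain and a
# small sample of free webmail providers. Adjust both to your own mail flow.
TRUSTED_DOMAINS = {"linkedin.com"}
WEBMAIL_DOMAINS = {"gmail.com", "outlook.com", "hotmail.com", "yahoo.com"}
BRAND = "linkedin"


def _is_trusted(domain):
    # Exact match or a true subdomain; "linkedin.com.mail.example" fails.
    return any(domain == d or domain.endswith("." + d) for d in TRUSTED_DOMAINS)


def classify_sender(raw_message):
    """Compare the From display name with the actual sending domain."""
    # policy.default decodes RFC 2047 encoded display names before matching.
    msg = message_from_string(raw_message, policy=policy.default)
    header = msg["From"]
    if header is None or not header.addresses:
        return "no-sender"
    sender = header.addresses[0]
    domain = sender.domain.lower()
    if BRAND not in sender.display_name.lower():
        return "no-brand-claim"
    if _is_trusted(domain):
        # Header match only: SPF/DKIM/DMARC results must still pass.
        return "brand-domain"
    if domain in WEBMAIL_DOMAINS:
        return "brand-on-webmail"
    return "brand-on-other-domain"


# Constructed sample messages; every address here is made up.
SAMPLES = {
    "webmail": "From: LinkedIn <notifications.example@gmail.com>\n"
               "Subject: You have 1 new message\n\nbody\n",
    "encoded": "From: =?utf-8?q?LinkedIn?= <alerts.example@outlook.com>\n"
               "Subject: You appeared in 4 searches this week\n\nbody\n",
    "lookalike": "From: LinkedIn Jobs <jobs@linkedin.com.mail.example>\n"
                 "Subject: Your profile matches this job\n\nbody\n",
    "genuine": "From: LinkedIn <updates@mail.linkedin.com>\n"
               "Subject: You have 1 new message\n\nbody\n",
    "colleague": "From: Alice Example <alice@example.org>\n"
                 "Subject: Lunch\n\nbody\n",
}

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        print(f"{name:10s} {classify_sender(raw)}")
```

A "brand-domain" verdict only means the header is consistent; the From header itself can be forged, so it should be combined with the gateway's authentication results.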
Another crucial step involves enabling the multi-factor authentication provided by LinkedIn, which can offer an extra barrier against phishing. Researchers further encourage LinkedIn users to report suspicious messages, which helps them learn more about the steps they can take to protect themselves, including reminders to turn on two-step verification.
Another common phishing tactic in emails is to tell the users that they have been hacked. If one feels that a cybersecurity warning email requiring them to change their password may be legitimate, experts recommend avoiding the email and visiting the LinkedIn site directly. If the concern is genuine, the website will recommend the best action.