Scam Of The Week: LinkedIn Support Phishing Emails



The scam is at least 15 years old if not more, but unfortunately this type of social engineering still works. Remind your users one more time that emails like this can hit their inbox at any time, because some modern spam techniques are able to bypass all the mail filters you have in place. I would send them this, or something close to it. Feel free to edit and send it to all employees and friends. (You could suggest they turn on LinkedIn's two-factor authentication).
"Recently scammers are attacking people on LinkedIn with phishing emails claiming to be a LinkedIn Tech Support message. In these fake e-mails it is stated that "irregular activities" are happening on your LinkedIn account which require a mandatory security update of your account.

Obviously this is all a scam, and the purpose of the emails is to get you to fill out an attached HTML form which is a spoofed LinkedIn login page. What you fill out does not get you logged into the site but it gets sent to the bad guys who then own your account.

You can recognize this scam because the email uses a lowercase "i" instead of a capital "I" when spelling “Linkedin”. Here is how the scam email looks. Remember: "When in doubt, throw it out!"

linkedin-email-scam

Despite all the software and hardware protection layers in place, things slip by on a regular basis. The bad guys have their own labs and run all the popular spam filters in-house, so they can test until they have a phishing attack that makes it through.

You really need a "human firewall" in place so stepping your users through effective security awareness training is a must these days. Find out how affordable this is for your organization today.

Get A Quote Now

 

Hat Tip to Stanam Narang at Symantec.

 




Subscribe to Our Blog


Comprehensive Anti-Phishing Guide




Get the latest about social engineering

Subscribe to CyberheistNews