LinkedIn users targeted for spam attacks

LinkedIn users targeted for spam attacks

Summary: Cybercriminals have targeted LinkedIn users in a concerted spam attack, according to Cisco security company IronPort.

TOPICS: Security

Cybercriminals began a campaign Monday that targeted LinkedIn users in a concerted spam attack, Cisco senior security researcher Henry Stern told ZDNet UK on Tuesday. What differentiated the campaign from others was the scale of the attack and the fact that it targeted business users, he said.

"The combination of extremely high volume and the focus on business users suggests the attackers are interested in employees with access to online bank accounts," said Stern. "We've provided LinkedIn with the information they need to take action against the spammers."

At one point on Monday, over a quarter of the spam hitting Cisco nodes was due to this particular attack, Stern said, with billions of emails being sent. The emails were not targeted, but were designed for LinkedIn users to self-select, he added.

For more on this story, read Spammers try to dupe LinkedIn users in Zeus attack on ZDNet UK.

Topic: Security

Tom Espiner

About Tom Espiner

Tom is a technology reporter for He covers the security beat, writing about everything from hacking and cybercrime to threats and mitigation. He also focuses on open source and emerging technologies, all the while trying to cut through greenwash.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • RE: LinkedIn users targeted for spam attacks

    Over the last couple of months I've had the occasional spam posing as LinkedIn communication. Usually it appears to be headhunters. I'm normally a pretty placid guy, but I'd support the death penalty for spammers.
    • RE: LinkedIn users targeted for spam attacks

      the article is wrong, linkedin users were NOT targeted, they were spoofed as the spammer, so you would click the link and be redirected to an infected website.
      • Splitting hairs

        @bspurloc I agree that LinkedIn didn't have a leak of user info, so I see what you're saying, but they were targeting LinkedIn users in the sense that someone with no LinkedIn account is going to ignore the emails, whereas I might (in theory) not. I am targeted because it's me and my corporate bank accounts that they're after, those without LinkedIn accounts are collateral.
  • RE: LinkedIn users targeted for spam attacks

    got two of them usual I go to the site...not clicking the email links....guess messages....
  • I got one of these (first) today

    Thing is, I am not a member of LinkedIn. The email landed in my GMAIL spam box. I simply deleted it.
  • RE: LinkedIn users targeted for spam attacks

    I do not use my corporate email account for LinkedIn, so it was pretty clear that the messages arriving via corporate email could not have originated from LinkedIn.

    Why use a corporate account for LinkedIn, unless there's no concern for the boss snooping your LinkedIn alerts?
  • RE: LinkedIn users targeted for spam attacks

    my spam filter has picked up close to 90 of them in the past few days. Occasionally one gets through, but I won't click on them.
  • learn your terms, they were spoofed not targeted.

    The internet was the target of linkedin spoofed emails. Get your story right.
  • RE: LinkedIn users targeted for spam attacks

    I occasionally see (what I consider to be) spam as posts to the groups discussions. Is this what this article is referring to?
    • RE: LinkedIn users targeted for spam attacks

      no these are emails that indicated they are from linked in community members.
  • Spam/spoof attacks

    I started getting dozens of fake message updates. The first few said I had 2 messages and a name of someone at the top, I checked a few other emails with the same appearance but different names. The message looks like the one Linkedin sends when someone wants to add as a contact. Most were caught in the spam filter but a few made it to the suspect mail filter.
  • The Cisco guru is wrong

    So much for the 'Senior Researcher's research... This is simply spam cloned in a standard Linked in format, I do have a Linked in account but none of them are coming to the email alias that I use for Linked in. These messages only come to my other email aliases.
  • RE: LinkedIn users targeted for spam attacks

    Heck I got about 20 today and I dont even have a linkedin account, but from what i see they are not even a good spoof as the links provided show the accual site
  • RE: LinkedIn users targeted for spam attacks

    yep...saw the same thing...
  • Just point out the perps, we have a cure... its called 45 ACP antispam pill

    Simply give some names and addresses, ammo is cheap and it prevents reoccurances of the offence.
    Reality Bites
  • RE: LinkedIn users targeted for spam attacks

    I have received about 20 a day for the past week. I've never had a linkedin acct and never would so I would not ever be stupid enough to click these. (I always check the headers of suspicious emails anyway). All these are is a pain to have to delete and take up bandwidth. All are being sent to the same addresses as all my other spams - email addresses that years ago got posted unprotected on the web.
  • RE: LinkedIn users targeted for spam attacks

    Well I do use the service, however I use the term "use" loosly. This type of event, regardless if it originates from spoofed addresses or if it is the target of this type of attack, is one of the primary reasons that I have only a cursory interest in networking sites, including LinkedIn. I think these bonehead spammers rely on the fact that you either have to be thouroughly throttled with a dumb stick, are working late into the night and are starting to fall asleep (compromising your normal thought patterns) or just don't know any better (aka ignorant) to fall for this kind of BS.

    I almost want to applaud a spammer that actually puts a little effort into making a spoof actually appear real. At least I have a momentary bit of enjoyment figuring out if the e-mail is ligitimate or not. But when I see this canned spam spewing forth and there is barely an attempt to disguise it I just get enfuriated once again with these idiots that feel they need to clog up the internet with their trash.

    I can only say that it is truly a shame that these spammers can't be caught and have all of their fingers amputated. I'm sure the internet would immediatly realize a performance improvement of unprecidented proportions.
  • RE: LinkedIn users targeted for spam attacks

    My account was suspended by LinkedIn as they later told me that my account was being used (somehow) to generate thousands of page views per day. I have no idea how this could have happened. Anyone have clarity?