Phishing emails targeting LinkedIn accounts are on the rise. Here's what to watch out for

Cyber criminals want usernames, passwords and other personal information - don't let them have it.

How hackers exploit the names of brands you trust to trick you into opening phishing emails

LinkedIn users are being urged to watch out for suspicious emails because the professional networking website is one of the most popular brands targeted by cyber criminals in phishing attacks.

According to cybersecurity researchers at Check Point, who analysed phishing emails sent during the first three months of this year, over half of all phishing attacks (52%) attempted to leverage LinkedIn. 

The phishing emails are designed to look like they come from LinkedIn, but if the recipient clicks the link, they're sent to a login page designed to look like LinkedIn, and if they enter their email address and password, they'll be handing them to the attacker, who can use that information to log in to the victim's LinkedIn account. 

SEE: A winning strategy for cybersecurity (ZDNet special report)

The attacks aren't particularly sophisticated. But by targeting a commonly used service like LinkedIn, there's a good chance that some of the recipients won't spot that what they're interacting with is a phishing attack. 

"These phishing attempts are attacks of opportunity, plain and simple. Criminal groups orchestrate these phishing attempts on a grand scale, with a view to getting as many people to part with their personal data as possible. Some attacks will attempt to gain leverage over individuals or steal their information, such as those we're seeing with LinkedIn," said Omer Dembinsky, data research group manager at Check Point Software. 

While LinkedIn was the most commonly spoofed brand for phishing attacks during the reporting period, it's far from the only known company that cyber criminals are attempting to leverage in attacks. Some of the other brands cyber criminals spoof in phishing emails include DHL, Google, Microsoft, FedEx, WhatsApp, Amazon and Apple. 

In many cases, the aim, like the LinkedIn attacks, is to steal usernames and passwords, although researchers warn that, in some cases, malicious links and attachments are used to deliver malware

Cyber criminals send out mass-phishing campaigns because, unfortunately, they tend to work – people are clicking malicious links and downloading attachments. But there are often tell-tale signs that an email could be a malicious phishing message.  

"Employees should be trained to spot suspicious anomalies such as misspelled domains, typos, incorrect dates and other details that can expose a malicious email or text message. LinkedIn users, in particular, should be extra vigilant over the course of the next few months," said Dembinsky. 

LinkedIn provides users with the ability to use multi-factor authentication, which, if applied, can provide an extra barrier against phishing attacks. 

"Our internal teams work to take action against those who attempt to harm LinkedIn members through phishing. We encourage members to report suspicious messages and help them learn more about what they can do to protect themselves, including turning on two-step verification," a LinkedIn spokesperson told ZDNet in an email.

"To learn more about how members can identify phishing messages, see our Help Center here," they added.

Some of the warning signs that an email might be an attempted phishing attack can include the message containing bad spelling, grammar, and a message that isn't addressed to you personally, or a message claiming to be urgent that needs to be acted upon immediately. Messages asking you to download an attachment to install a software update should also be treated with caution.

A common tactic used in phishing emails is to tell users that their account has been hacked. If you are worried that an email with a cybersecurity warning that says you need to change your password might be legitimate, the best course of action is to avoid the URL in the email and visit the website directly. If there really is an issue, the website will tell you and you can take the necessary action. 

MORE ON CYBERSECURITY

Show Comments