/>
X
Innovation

Spoofed LinkedIn emails serving client-side exploits

Cybercriminals are currently brand-jacking LinkedIn in an attempt to trick end users into clicking on client-side exploits serving links found in the spoofed emails.
Written by Dancho Danchev, Contributor on

Cybercriminals are currently brand-jacking LinkedIn in an attempt to trick end users into clicking on client-side exploits serving links found in the spoofed emails.

According to security researchers from GFI Labs, the spamvertised campaign is redirecting users to the Black Hole web malware exploitation kit, that is ultimately dropping a Cridex malware variant on the infected PCs.

Spamvertised subjects

  • LinkedIn Invitation from your colleague
  • LinkedIn Invitation from your co-worker
  • LinkedIn Reminder from your colleague
  • LinkedIn Notification
  • LinkedIn private message

Spamvertised message:

  • There are a total of 1 messages awaiting your response. Visit your InBox now.

End and corporate users are advised to avoid interacting with the emails, and to ensure that they are running the latest versions of their third-party software and browser plugins.

Editorial standards

Related

The 19 best Cyber Monday deals under $30
Amazon Fire TV Stick 4K

The 19 best Cyber Monday deals under $30

Live blog: 100+ of the best Cyber Monday deals
Large white Cyber Monday text with electronics behind it

Live blog: 100+ of the best Cyber Monday deals

The 51 best Cyber Monday deals on Amazon right now
Image of Amazon Echo Show 8 on a wooden table in front of a person cooking and folding pastry dough.

The 51 best Cyber Monday deals on Amazon right now