Phishing continues to be a criminals’ favourite for harvesting user credentials with more or less sophisticated social engineering tricks.
LinkedIn has been in the news for all the bad reasons. Previously, it was the data of 117 million of its users stolen back in 2012, leaked in 2016 and sold on the darknet afterwards. In the latest, cyber criminals are targeting LinkedIn users with a sophisticated phishing scam in which the idea is to trick the user into believing that their LinkedIn account has a security issue which can be solved only by providing their personal details. This Phishing Link Widely Spreading Champaign that Mimics as Legitimate Gmail and other Email Provides Login Page.
The campaign was identified by researchers at Heimdal Security who pointed out that the brain behind this scam is looking for users’ financial details, driving license and or passport copy. The purpose of collecting this information is to not only hijacking their account but also conduct further scams by stealing their identity.
Most appear as if the LinkedIn user is sharing a Google Drive file with the victim and contain a malicious link, obscured by a URL shortener to hide its true destination. The link then redirects to a phishing site for Gmail and other email providers which require potential victims to log in. Those who proceed will have their username, password, and phone number stolen but won’t realize they were duped right away. Indeed, this phishing scam ends on a tricky note with a decoy document on wealth management from Wells Fargo. URL shorteners are a well-known vehicle for spreading malware and phishing scams but they are also used for legitimate purposes, especially on social media where long URLs tend to be too cumbersome.
Furthermore, the email content also contains two links. One is a Dropbox link and other is what researchers have identified as a password reset link which leads users to the original LinkedIn password reset page. Apparently, the reason behind this is to trick users into believing that the email is legitimate and their account is in danger for real.
This is not the first time when LinkedIn users have been targeted with such scam. In the past, the users have been under target by Blackhole malware, trojans developed to steal login credentials of job seekers and even fake profiles pretending as job recruitment officials.
Beware of the malicious phishing links and don’t provide any credential information to untrusted website!!!
Most appear as if the LinkedIn user is sharing a Google Drive file with the victim and contain a malicious link, obscured by a URL shortener to hide its true destination. The link then redirects to a phishing site for Gmail and other email providers which require potential victims to log in. Those who proceed will have their username, password, and phone number stolen but won’t realize they were duped right away. Indeed, this phishing scam ends on a tricky note with a decoy document on wealth management from Wells Fargo. URL shorteners are a well-known vehicle for spreading malware and phishing scams but they are also used for legitimate purposes, especially on social media where long URLs tend to be too cumbersome.
Furthermore, the email content also contains two links. One is a Dropbox link and other is what researchers have identified as a password reset link which leads users to the original LinkedIn password reset page. Apparently, the reason behind this is to trick users into believing that the email is legitimate and their account is in danger for real.
This is not the first time when LinkedIn users have been targeted with such scam. In the past, the users have been under target by Blackhole malware, trojans developed to steal login credentials of job seekers and even fake profiles pretending as job recruitment officials.
Beware of the malicious phishing links and don’t provide any credential information to untrusted website!!!
No comments:
Post a Comment