LinkedIn phishing attacks have increased by 232% since the start of February. The scams trick users into clicking on phishing links in Outlook 365 and then entering their credentials into fraudulent websites.
LinkedIn sends emails to its users like “You appeared in four searches this week,” “You have one new message,” and “Your profile matches this job.”
However, scammers are now sending fake emails with the same subject lines. These scams use webmail addresses with a LinkedIn display name and stylized HTML templates. This trick helps scammers by socially engineering victims into trusting them.
LinkedIn email phishing scams
According to cybersecurity firm Egress, “The emails use multiple stylized HTML templates, including the LinkedIn logo, brand colors, and icons. Within the body of the email, these cybercriminals use other well-known organizations’ names (including American Express and CVS Carepoint) to make the attacks more convincing.”
Email phishing scams are particularly concerning right now as many people are looking for jobs on LinkedIn. The platform has hundreds of millions of users who see these emails on LinkedIn.
“When clicked, the phishing links send the victim to a website that harvests their LinkedIn log-in credentials. The footer features elements from LinkedIn’s genuine email footer, including their global HQ address, hyperlinks to unsubscribe and to their support section, and the recipient’s information.” - Cybersecurity firm Egress
The firm advises that individuals take extreme caution when reading notification emails, particularly on mobile devices, and especially with emails that ask them to click on a hyperlink. It recommends hovering over links before clicking on them, or going directly to the LinkedIn website.
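The two signals described above, a LinkedIn display name on a webmail address and links that do not lead to LinkedIn, can be checked automatically. The following Python sketch is an added example, not code from Egress or LinkedIn; the webmail list, the accepted domain and the sample message are constructed assumptions.

```python
from email import message_from_string, policy
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

BRAND = "linkedin"
BRAND_DOMAINS = ("linkedin.com",)                   # assumption: domains accepted as genuine
WEBMAIL = {"gmail.com", "outlook.com", "yahoo.com"}  # assumption: short sample list

# Constructed sample message: brand display name, webmail sender, one off-brand link
# next to a genuine footer link (the article notes that genuine footer links are reused).
SAMPLE = """\
From: LinkedIn <notify.example@gmail.com>
To: user@example.org
Subject: You appeared in four searches this week
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"

<html><body><a href="https://login.example.net/li">See all searches</a>
<a href="https://www.linkedin.com/help">Help</a></body></html>
"""

class LinkHosts(HTMLParser):
    """Collects the real destination host of every <a href>, i.e. what hovering reveals."""
    def __init__(self):
        super().__init__()
        self.hosts = set()
    def handle_starttag(self, tag, attrs):
        host = urlsplit(dict(attrs).get("href") or "").hostname
        if tag == "a" and host:
            self.hosts.add(host.lower())

def is_brand_host(host):
    # Exact domain or a true subdomain; "linkedin.com.example.net" does not match.
    return any(host == d or host.endswith("." + d) for d in BRAND_DOMAINS)

def check_message(raw):
    msg = message_from_string(raw, policy=policy.default)
    display, addr = parseaddr(str(msg["From"]))
    domain = addr.rpartition("@")[2].lower()
    findings = []
    if BRAND in display.lower() and not is_brand_host(domain):
        kind = "webmail" if domain in WEBMAIL else "non-LinkedIn"
        findings.append(f"display name '{display}' sent from {kind} domain {domain}")
    body = msg.get_body(preferencelist=("html",))
    if body is not None:
        parser = LinkHosts()
        parser.feed(body.get_content())
        findings += [f"link points to non-LinkedIn host {h}"
                     for h in sorted(parser.hosts) if not is_brand_host(h)]
    return findings
```

Calling `check_message(SAMPLE)` returns one finding for the sender and one for the off-brand link, while the genuine footer link is not flagged.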