![]() Dating/Romance Scams, which are often initiated through LinkedIn's InMail feature but which inevitably lead to scams perpetrated through external email accounts.ĥ. Spoofed/Fake Connection Requests, which allow the bad guys to leverage LinkedIn's reputation with users to spring malicious downloads employees sitting inside corporate networks.Ĥ. Advance Fee/Fake Job Offer Scams, which see the bad guys using Connection Requests from fake profiles as the initial contact in schemes designed to trick users into parting ways ways with money or other valuable data.ģ. Credentials Phishes, in which the bad guys use spoofed LinkedIn support notices to trick unwitting victims into coughing up the credentials to their LinkedIn accounts, which can then be leveraged for further mayhem.Ģ. Just as corporate recruiters ply LinkedIn's treasure trove of employee data to find potential recruits for open positions, malicious actors mine that same collection of data to identify potential marks for business email compromise attacks, including wire transfer and W-2 social engineering scams, as well as a number of other creative ruses including:ġ. LinkedIn has been the focus of online scams and phishing attacks for a number of years now, primarily because of the wealth of data it offers on employees at corporations. This time it's LinkedIn, the social networking service familiar to hundreds of millions of users and now a staple in American business culture. Recently we encountered yet another successful attempt to convert a legitimate online service into a phishing platform. Those unwary enough to click the embedded links included in those malicious emails were rewarded with the Chthonic banking trojan. Several months ago we blogged about a startling discovery by threat researchers at Proofpoint: the bad guys had figured out a way to turn Paypal itself into a phishing platform, exploiting the "money request" feature in Paypal, which allows senders to include a personalized message, to phish potential victims via malicious emails delivered through Paypal's own service. ![]() ![]() By Eric Howes, KnowBe4 Principal Lab Researcher. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |