linkedin: 3 photos that tell how scam on LinkedIn works

NEW DELHI: Check Point Research (CPR) has a ‘warning’ for LinkedIn users. The security company has released its 2022 Q1 Brand Phishing Report which names Microsoft-owned professional social networking website most vulnerable to ‘hacking attacks’. The report highlights the companies and brands that hackers most often imitated in this year to lure users into giving up their personal data. The LinkedIn tops the list globally, marking more than 50% of all phishing attacks. The report shows how cybercriminals try to imitate the official website of LinkedIn by using a similar domain name or URL and web-page design. The link to the fake website is sent to targeted individuals by email or text message. Other techniques include a user is redirected during web browsing or via a fake mobile app. This fraud website often contains a form intended to steal users’ credentials, payment details and other personal information.

The report shares two photos that show how scams work on the LinkedIn platform.

In this phishing email, there’s an attempt to steal a user’s LinkedIn account information. The email (seen in the picture), which was sent from the email address “LinkedIn (smtpfox-6qhrg@tavic[.]com[.]mx)”, contained the subject “M&R Trading Co.,Ltd XXXXXXX. The attacker is trying to lure the victim to click on a malicious link, which redirects the user to a fraudulent LinkedIn login page (as seen in the picture below). In the malicious link (https://carriermasr.com/public/linkedIn[.]com/linkedIn[.]com/login[.]php), the user needed to enter his/her username and their password.

What can users do to keep safe
* Be cautious when sharing personal data and credentials to business apps or websites
* Think twice before opening email attachments or links, especially emails that claim to be from companies such as LinkedIn or DHL
* Look for misspellings in emails
* Beware of urgent requests, such as change your password now