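LinkedIn is sometimes forgotten in the more general coverage of phishing attacks. Social media sites such as Facebook, Twitter, and Instagram often get the attention. Cryptowallet customer support scams run wild in the replies to any cryptocurrency-themed tweet. Facebook users can often be found dealing with compromised accounts asking for money. Instagram has seen a wave of influencers having their accounts held to ransom. The big question is: have you ever wondered what’s on LinkedIn?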

Presenting: What’s on LinkedIn

It’s not just endless spam for unsuitable job positions and motivational speeches. It turns out there’s a whole lot of phishing happening behind the scenes, too. At the beginning of February, Brian Krebs reported that scammers are using “Slinks” to redirect to phishing pages. Worse still, that particular technique has been around since 2016. In the most recent example, the phishing attempts seen in the wild were not hunting LinkedIn accounts specifically. Even so, tying bad URLs to reassuringly convincing LinkedIn redirects will always end badly for someone.

More recently…

Phishing, getting bigger

Research claims that bogus imitation LinkedIn mails have increased around 232% since the beginning of February. Overfamiliarity with a stream of genuine messages mentioning profile views, new messages, and employment opportunity suitability may be causing people to start clicking through. Times are tough out there, and given LinkedIn is a natural fit for networking and job hunting it’s understandable that some folks will click everything in sight.

I’m a professional (phisher)

The mails are convincingly branded, look realistic, and emulate the real thing in a way that may drift past people’s sense of caution. The research points out that the fake mails also piggyback on the back of other genuine brands to make themselves look even more convincing. CVS Carepoint and American Express are two of the brands named as being spoofed in the fake mails.

Should someone click through to the phishing pages and start entering details, they may well lose the login credentials. Unlike the attacks from the beginning of February, these mails are specifically looking for LinkedIn password and username combinations. The research doesn’t say what the scammers do with the accounts once harvested, but it’s a good bet they’ll be used for spamming, social engineering, or even just more phishing attempts.

Avoiding the LinkedIn scammers

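These mails appear to be getting past at least some email security defences and precautions. It’s nice to know that people are checking out your profile. It helps to know there are great jobs out there for you to look at, but be careful! You don’t have to click on the latest email in your mailbox. Consider navigating directly to LinkedIn yourself and seeing what’s there.

The bogus messages and jobs referenced in the fake mails won’t be waiting for you on the site. This doesn’t rule out fake messages and job references actually being sent on LinkedIn itself. However, going there yourself to see what’s waiting at least negates the threat from the phishing mails.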