blog.malwarebytes.com Open in urlscan Pro
130.211.198.3  Public Scan

Form analysis
3 forms found in the DOM

<form><span class="fieldset">
    <p><input type="checkbox" value="check" id="chkMain" checked="checked" class="legacy-group-status optanon-status-checkbox"><label for="chkMain">Active</label></p>
  </span></form>

GET

<form id="search-form" onsubmit="submitSearchrightrail(event)" method="get">
  <div class="searchbar-wrap-rightrail">
    <label for="cta-labs-rightrail-search-submit-en" aria-label="cta-labs-rightrail-search-submit-en" aria-labelledby="cta-labs-rightrail-search-submit-en">
      <input type="text" id="st-search-input-rightrail" class="st-search-input-rightrail" placeholder="Search Labs">
    </label>
    <button type="submit" id="cta-labs-rightrail-search-submit-en" aria-label="Submit your search query"><span class=""><img src="https://blog.malwarebytes.com/wp-content/themes/mb-labs-theme/images/search.svg" alt="Magnifying glass"></span>
    </button>
  </div>
</form>

//www.malwarebytes.com/newsletter/

<form class="newsletter-form form-inline" action="//www.malwarebytes.com/newsletter/" _lpchecked="1">
  <div class="email-input">
    <label for="cta-footer-newsletter-input-email-en" aria-label="cta-footer-newsletter-input-email-en" aria-labelledby="cta-footer-newsletter-input-email-en">
      <input type="text" class="email-input-field" id="cta-footer-newsletter-input-email-en" name="email" placeholder="Email address">
    </label>
    <input name="source" type="hidden" value="">
    <input type="submit" class="submit-bttn" id="cta-footer-newsletter-subscribe-email-en" value="">
  </div>
</form>

Text Content

Who doesn't like cookies?

We use cookies to help us enhance your online experience. If that sounds good,
click “Accept All Cookies” or review our Privacy and Cookie Policy.


Close
Accept All Cookies


 * Your Privacy

 * Strictly Necessary Cookies

 * Performance Cookies

 * Functional Cookies

 * Targeting Cookies

 * More Information

Privacy Preference Center

Active

Always Active



Save Settings

Allow All

The official Malwarebytes logo The official Malwarebytes logo in a blue font B

We research. You level up.

       
Personal
Personal
 * Security & Antivirus
 * Malwarebytes for Windows
 * Malwarebytes for Mac
 * Malwarebytes for Chromebook
 * Malwarebytes Browser Guard
 * Overview

 * Security & Antivirus for Mobile
 * Malwarebytes for Android
 * Malwarebytes for iOS
 * Online Privacy
 * Malwarebytes Privacy VPN

 * Get Started
 * Explore all Personal Products
 * Explore Pricing

 * FREE TRIAL OF MALWAREBYTES PREMIUM
   
   Protect your devices, your data, and your privacy—at home or on the go.
   
   Get free trial

Business
Business
   Solutions
 * BY COMPANY SIZE
 * Small Business
    1-99 Employees 
 * Mid-size Businesses
    100-999 Employees
 * Large Enterprise
    1000+ Empoyees
 * BY INDUSTRY
 * Education
 * Finance
 * Healthcare

   Products
 * CLOUD-BASED SECURITY MANAGEMENT AND SERVICES
 * Endpoint Protection
 * Endpoint Protection for Servers
 * Endpoint Detection & Response
 * Endpoint Detection & Response for Servers
 * Incident Response
 * Malware Removal Service 
 * Nebula Platform Architecture
 * CLOUD-BASED SECURITY MODULES
 * Vulnerability & Patch Management 
 * Remediation for CrowdStrike®
 * NEXT-GEN ANTIVIRUS FOR SMALL BUSINESS
 * For Teams

 * Get Started
 *  * Find the right solution for your business
    * See business pricing
   
   --------------------------------------------------------------------------------
   
    * Don't know where to start?
    * Help me choose a product
   
   --------------------------------------------------------------------------------
   
    * See what Malwarebytes can do for you
    * Get a free trial
   
   --------------------------------------------------------------------------------
   
    * Our team is ready to help. Call us now
    * +1-800-520-2796

Pricing
Partners
Partners
 * Explore Partnerships

 * Partner Solutions
 * Resellers
 * Managed Service Providers
 * Computer Repair
 * Technology Partners

 * Partner Success Story
 * Marek Drummond
   Managing Director at Optimus Systems
   
   "Thanks to the Malwarebytes MSP program, we have this high-quality product in
   our stack. It’s a great addition, and I have confidence that customers’
   systems are protected."

 * See full story

Resources
Resources
 * Learn About Cybersecurity
 * Antivirus
 * Malware
 * Ransomware
 * See all
 * Malwarebytes Labs
 * Explore

 * Business Resources
 * Reviews
 * Analyst Reports
 * Case Studies
 * See all
 * Press & News
 * Learn more

 * Events
 * 
   
   
   
   Featured Event: RSA 2021

 * See Event

Support
Support
 * Technical Support
 * Support
 * Premium Services
 * Forums
 * Vulnerability Disclosure

 * Training for Personal Products
 * Training for Business Products

 * Featured Content
 * 
   
   
   
   Activate Malwarebytes Privacy on Windows device.

 * See Content

FREE DOWNLOAD
CONTACT US
COMPANY
Company
 * About Malwarebytes
 * Careers
 * News & Press

SIGN IN
Sign In
 * My Account
 * Cloud Console
 * Partner Portal

SUBSCRIBE


Level Up to Cloud-Based Business Protection. Save 25% Today >

Scams


WATCH OUT FOR THIS BUMP IN LINKEDIN PHISHING

Posted: February 19, 2022 by Christopher Boyd

We look at a study claiming LinkedIn phishing has increased by a significant
amount across February. Watch out for these bogus emails!

LinkedIn is sometimes forgotten about in more general coverage of phishing
attacks. Social media sites such as Facebook, Twitter, and Instagram receive
regular attention. Cryptowallet customer support scams run wild in the replies
to any cryptocurrency themed tweet. Facebook users can often be found dealing
with compromised accounts asking for money. Instagram has a wave of influencers
having their accounts held to ransom. The big questions is: have you ever
wondered what’s on LinkedIn?


PRESENTING: WHAT’S ON LINKEDIN

It’s not just endless spam for unsuitable job positions and motivational
speeches. It turns out there’s a whole lot of phishing happening behind the
scenes, too. At the beginning of February, Brian Krebs reported that scammers
are using “Slinks” to redirect to phishing pages. Worse still, that particular
technique has been around since 2016. In the most recent example, the phishing
attempts seen in the wild were not hunting LinkedIn accounts specifically. Even
so, tying bad URLs to reassuringly convincing LinkedIn redirects will always end
badly for someone.

More recently…


PHISHING BY INCREASINGLY LARGE NUMBERS

Research claims that bogus imitation LinkedIn mails have increased around 232%
since the beginning of February. Overfamiliarity with a stream of genuine
messages mentioning profile views, new messages, and employment opportunity
suitability may be causing people to start clicking through. Times are tough out
there, and given LinkedIn is a natural fit for networking and job hunting it’s
understandable that some folks will click everything in sight.


I’M A PROFESSIONAL (PHISHER)

The mails are convincingly branded, look realistic, and emulate the real thing
in a way that may drift past people’s sense of caution. The research points out
that the fake mails also piggyback on the back of other genuine brands to make
themselves look even more convincing. CVS Carepoint and American Express are two
of the brands named as being spoofed in the fake mails.

Should someone click through to the phishing pages and start entering details,
they may well lose the login credentials. Unlike the attacks from the beginning
of February, these mails are specifically looking for LinkedIn password and
username combinations. The research doesn’t say what the scammers do with the
accounts once harvested, but it’s a good bet they’ll be used for spamming,
social engineering, or even just more phishing attempts.


AVOIDING THE LINKEDIN SCAMMERS

These mails appear to be getting past at least some email security defences and
precautions. It’s nice to know people are checking out your profile. It’s
helpful that there are awesome jobs out there for you to check out, but be
careful! You don’t have to click into the latest email in your mailbox. Consider
navigating directly to LinkedIn yourself and seeing what’s in there.

Bogus messages and jobs referenced in the fake mails won’t be waiting for you on
the site itself. This doesn’t rule out actually being sent bogus messages and
job references on LinkedIn itself. However, going there yourself and seeing what
lies in wait at least negates the threat of the phishing mails.


RELATED

SHARE THIS ARTICLE

--------------------------------------------------------------------------------

COMMENTS



--------------------------------------------------------------------------------

RELATED ARTICLES

A week in security


A WEEK IN SECURITY (FEBRUARY 14 – FEBRUARY 20)

February 21, 2022 - The most important and interesting security stories from the
last seven days.

CONTINUE READINGNo Comments

Privacy


HOW SOCIAL MEDIA PLATFORMS MINE PERSONAL DATA FOR PROFIT

April 3, 2020 - We explore some of the ways social media use personal data to
fuel advertising and keep the profits flowing.

CONTINUE READINGNo Comments

A week in security


A WEEK IN SECURITY (NOVEMBER 18 – 24)

November 25, 2019 - A roundup of cybersecurity news from November 18 - 24,
including Coalition against stalkerware, exploit kits, ransomware, data leaks,
and juice jacking.

CONTINUE READINGNo Comments

Social engineering


DEEPFAKES AND LINKEDIN: MALIGN INTERFERENCE CAMPAIGNS

November 20, 2019 - Don't discount deepfakes just yet. We may not be fooled by
phony Mark Zuckerberg anymore, but the discovery of a fake LinkedIn profile
sporting a deepfake avatar shows how social engineering can deceive through the
mundane.

CONTINUE READINGNo Comments

Privacy


ACCESS ACT MIGHT IMPROVE DATA PRIVACY THROUGH INTEROPERABILITY

November 6, 2019 - Data privacy is back in Congressional lawmakers’ sights, as
proposed legislation called the ACCESS Act focuses not on data collection,
storage, and selling, but on the idea that Americans should be able to easily
pack up their data and take it to a competing service. But will this actually
protect privacy?

CONTINUE READINGNo Comments

--------------------------------------------------------------------------------

ABOUT THE AUTHOR

Christopher Boyd
Lead Malware Intelligence Analyst

Former Director of Research at FaceTime Security Labs. He has a very particular
set of skills. Skills that make him a nightmare for threats like you.


Contributors


Threat Center


Podcast


Glossary


Scams


Write for Labs

CYBERSECURITY INFO YOU CAN'T DO WITHOUT

Want to stay informed on the latest news in cybersecurity? Sign up for our
newsletter and learn how to protect your computer from threats.



Imagine a world without malware. We do.

FOR PERSONAL

FOR BUSINESS

COMPANY

ABOUT US

CAREERS

NEWS AND PRESS

MY ACCOUNT

SIGN IN

CONTACT US

GET SUPPORT

CONTACT SALES

3979 Freedom Circle, 12th Floor
Santa Clara, CA 95054
One Albert Quay, 2nd Floor
Cork T12 X8N6
Ireland

   English
Legal
Privacy
Accessibility
Terms of Service


© 2022 All Rights Reserved

Select your language

 * English
 * Deutsch
 * Español
 * Français
 * Italiano
 * Português (Portugal)
 * Português (Brasil)
 * Nederlands
 * Polski
 * Pусский
 * 日本語
 * Svenska

Cybersecurity basics

Your intro to everything relating to cyberthreats, and how to stop them.