SafeUM
Home Blog Services Download Help About Recharge

Axarhöfði 14, 110 Reykjavik, Iceland

Iceland - 2015
SafeUM
Blog
Services
Download
Help
About
Recharge
Menu
Archive
TOP Security!
14 Sep 2017

LinkedIn phishing scam: compromised accounts attack user messages

Hackers have launched a new phishing campaign against LinkedIn members that uses compromised LinkedIn accounts to send messages with malicious links and downloads to potential victims in an attempt to steal credentials and personal information.

The campaign, first spotted by security researchers at cybersecurity firm Malwarebtyes, makes use of real LinkedIn accounts that have been compromised in order to make the phishing messages sent via LinkedIn’s messaging system appear legitimate.

According to Malwarebytes researchers, the attackers have managed to hijack a number of LinkedIn member accounts, including some with paid Premium membership status that allows them to contact users directly—even those who they are not directly connected with—through LinkedIn’s InMail feature. The fraudulent messages appear directly on LinkedIn or can be received via email. Most appear as if the LinkedIn user is sharing a Google Drive file with the victim and contain a malicious link, obscured by a URL shortener to hide its true destination.

Shortened URLs are often used in these types of attacks to hide malicious sites, but are common on social media platforms to safe space so may not trigger the suspicion of a user. Even for those who are concerned, expanding the URL doesn’t necessarily reveal its true intent as the hackers use a free hosting provider, gdk.mx, to redirect to the malicious site.

Once a victim lands on the hacker’s website, they are presented with a login screen that appears like the standard Google login page. If the user enters their username and password, that information will be harvested by the hackers and used to steal their Google account. Other versions of the attack are also used to target Yahoo and AOL users.

Not satisfied with just the standard login credentials, the hackers will also as their victims to enter other information as a means of confirming their identity. The malicious site will ask for a phone number or secondary email address before finally showing users the supposed document they were linked to. The Google Docs file victims see onces they hand over their credentials and other personal information that may be used to compromise their account is a decoy article about wealth management from Wells Fargo.

While the full extent of the phishing campaign is difficult to measure, Malwarebytes reported the majority of the compromised accounts had at least 500 connections on the platform, allowing for the potential of a widespread attack. Thus far, it is believed about 250 people have clicked the phishing link—though it is possible not all handed over their credentials.

Looming large over this phishing scam is the 2012 breach of LinkedIn, which resulted in more than 117 million user accounts and passwords being compromised. That information has surfaced on the dark web and been traded, sold and accessed by hackers. Because users often reuse passwords or fail to change them after a breach, the accounts involved in that breach are at risk of being used in the phishing campaign.


Download SafeUM — communicate privately, without advertising and spam.

Tags:
LinkedIn fraud phishing
Source:
IBTimes
2241
Other NEWS
3 Jul 2020 safeum news imgage An encrypted messaging service has been infiltrated by police
4 May 2020 safeum news imgage Two-Factor Authentication ​What Is It and Why You Should Use It
12 Dec 2019 safeum news imgage Encryption is under threat - this is how it affects you
4 Nov 2019 safeum news imgage Should Big Decisions Be Based on Data or Your Intuition?
7 Jun 2018 safeum news imgage VPNFilter malware infecting 500,000 devices is worse than we thought
4 Jun 2018 safeum news imgage Hackers target Booking.com in criminal bid to steal hundreds of thousands from customers
1 Jun 2018 safeum news imgage Operator of World's Top Internet Hub Sues German Spy Agency
30 May 2018 safeum news imgage US says North Korea behind malware attacks
29 May 2018 safeum news imgage Facebook and Google targeted as first GDPR complaints filed
25 May 2018 safeum news imgage A new reason to not buy these cheap Android devices
24 May 2018 safeum news imgage Flaws in smart pet devices, apps could come back to bite owners
23 May 2018 safeum news imgage Google sued for 'clandestine tracking' of 4.4m UK iPhone users' browsing data
21 May 2018 safeum news imgage LocationSmart reportedly leaked phone location data onto the web
18 May 2018 safeum news imgage The SEC created its own scammy ICO to teach investors a lesson
17 May 2018 safeum news imgage Thieves suck millions out of Mexican banks in transfer heist
All news
SafeUM
Confidential Terms of Use Our technologies Company
Follow us
Download
SafeUM © Safe Universal Messenger

Axarhöfði 14,
110 Reykjavik, Iceland

Iceland - 2015