In the first quarter of 2022, LinkedIn became the most often impersonated brand for phishing campaigns. Scam operators often lure their victims by pretending they are a legitimate company in need of some sort of information or verification. Many phishing scams are readily identifiable by common phishing red flags like grammatical errors or old logos.
What is remarkable about the LinkedIn campaigns is that they are looking very believable. Examples provided by Check Point, who compiled the listings, include current versions of LinkedIn logos, good grammar, and even on-brand email style. The hook is in the Accept link that is supposed to connect the recipient with a recommended contact. It leads to a rather convincing phishing site that looks like the standard LinkedIn sign-in page. There, the phishers steal the LinkedIn credentials you enter.
What’s the big deal?
A taken-over LinkedIn can be used almost like a hijacked business email to directly spear phish other victims in your name. Not only does this make things look unprofessional for you, it opens your connections up to attack. Your LinkedIn account can also be used to post fake job offers with malicious code or to publicly post malicious links that either steal your contacts’ information or install malware on their devices.
3 Keys to Staying Secure:
- Do not accept connections you do not actually know. While questions over the number of fake accounts make the rounds, fake accounts exist. It is not up for debate. Make sure you know the person or organization inviting you to connect before accepting their request.
- Hover, hover, hover. Even the well-crafted phishing links lead to domains other than LinkedIn.com. Hover over any link before clicking on it to make sure it is taking you to the site you expect.
- Enable multifactor authentication (MFA). This extra layer of defense limits would-be attackers’ access to your accounts. Not only will they need your username and password, but they will also need a way to verify another level of authentication. It greatly increases your account’s security.
ABOUT FRONTLINE TECHNOLOGY LLC
Frontline Technology is one of the only ministry-focused IT companies that is led by pastors and ministry leaders. With over 20 years' experience serving organizations of all sizes, Frontline understands the unique needs, budgets, and technology challenges of nonprofits.
Technology is often perceived as complicated and expensive. Many nonprofits struggle to implement the technology solutions and security needed to drive their mission forward. Frontline Technology helps nonprofits overcome their technology challenges so they can stay focused on their mission.
For nonprofits of every type and size: We Keep IT Simple
Frontline Technology is one of the only ministry-focused IT companies that is led by pastors and ministry leaders.