According to cybersecurity firm Egress, phishing attempts imitating LinkedIn emails have increased by 232% since the beginning of February. The company issued a research report revealing that cybercriminals employ display name spoofing and styled HTML templates to socially engineer victims into opening phishing links in Outlook 365 and then input their credentials onto bogus websites.
Many individuals have become accustomed to receiving LinkedIn emails with subject lines such as “You appeared in 4 searches this week,” “You have 1 new message,” and “Your profile matches this job.” However, fraudsters are now sending fake emails with identical subject lines using webmail addresses with LinkedIn display names.
Egress clarified, “The emails use multiple stylized HTML templates, including the LinkedIn logo, brand colors, and icons. Within the body of the email, the cybercriminal uses other well-known organizations’ names (including American Express and CVS Carepoint) to make the attacks more convincing.”
When the victim clicks on the phishing links, they are sent to a website where their LinkedIn login credentials are harvested. The footer includes parts from LinkedIn’s actual email footer, such as the company’s worldwide headquarters address, unsubscribe and support buttons, and the recipient’s information.
The emails are particularly troubling right now, according to Egress, since so many individuals are seeking new jobs and transferring employment, making them more inclined to click on malicious links that appear exactly like certain LinkedIn communications. Yehuda Rosen, senior software engineer at nVisium said that LinkedIn has hundreds of millions of users, and many of them are accustomed to receiving regular, genuine LinkedIn emails. They may inadvertently click without double-checking that each email is real.
A significant number of individuals have quit their jobs and are searching for work. According to Egress, which has witnessed objectives in a range of industries throughout North America and the United Kingdom.