Actual Malicious LinkedIn Emails
-
Several months ago we blogged about a startling discovery by threat researchers at Proofpoint: the bad guys had figured out a way to turn Paypal itself into a phishing platform, exploiting the "money request" feature in Paypal, which allows senders to include a personalized message, to phish potential victims via malicious emails delivered through Paypal's own service. Those unwary enough to click the embedded links included in those malicious emails were rewarded with the Chthonic banking trojan.
Recently we encountered yet another successful attempt to convert a legitimate online service into a phishing platform. This time it's LinkedIn, the social networking service familiar to hundreds of millions of users and now a staple in American business culture.
What is abundantly clear from this series of Wells Fargo phishes is that LinkedIn has become a viable platform for launching phishing attacks against users who have been targeted for their connections to a high profile financial institution. LinkedIn is now valued not only for its wealth of data on potential targets for all manner of scams and targeted phishing attacks but for its usefulness in generating emails that leverage LinkedIn's own reputation to bypass security solutions implemented by corporations throughout the United States.
Given the restrictions surrounding the use of LinkedIn's messaging features, we doubt that these kinds of leveraged attacks will ever achieve high volume distribution. But LinkedIn's inherent reputation does lend itself to launching very targeted attacks against corporate lucrative targets. A credentials phish, as we saw in these two cases, is the most basic of phishing attacks. Having proven LinkedIn's viability as a phishing platform, we expect malicious actors will find creative ways to exploit LinkedIn's data and messaging features to launch still more dangerous and creative attacks against LinkedIn users in the near future. Blog post with much more:
https://blog.knowbe4.com/yes-that-email-is-really-from-linkedin.-and-yes-its-really-malicious
-
Dang, guess I'm behind on this stuff not being able to pay attention to things like normal. I bet one of the emails I haven't read from knowbe4 is this blog post.
-
I would always hope that someone isn't naive enough to think that a major financial institution with their contact info on hand would reach out to them through LinkedIn.
Buuuuuut, I've been wrong before.
-
@ChrisL said in Actual Malicious LinkedIn Emails:
I would always hope that someone isn't naive enough to think that a major financial institution with their contact info on hand would reach out to them through LinkedIn.
Buuuuuut, I've been wrong before.
Nah... Why would they do that, when they could impersonate a family friend and try to tell me that I won 150k from a non-existent government agency.
-
@dafyre said in Actual Malicious LinkedIn Emails:
@ChrisL said in Actual Malicious LinkedIn Emails:
I would always hope that someone isn't naive enough to think that a major financial institution with their contact info on hand would reach out to them through LinkedIn.
Buuuuuut, I've been wrong before.
Nah... Why would they do that, when they could impersonate a family friend and try to tell me that I won 150k from a non-existent government agency.
Congratulations!
-
@ChrisL said in Actual Malicious LinkedIn Emails:
@dafyre said in Actual Malicious LinkedIn Emails:
@ChrisL said in Actual Malicious LinkedIn Emails:
I would always hope that someone isn't naive enough to think that a major financial institution with their contact info on hand would reach out to them through LinkedIn.
Buuuuuut, I've been wrong before.
Nah... Why would they do that, when they could impersonate a family friend and try to tell me that I won 150k from a non-existent government agency.
Congratulations!
Can I give them your bank account numbers? We can split the winnings.
-
@dafyre said in Actual Malicious LinkedIn Emails:
@ChrisL said in Actual Malicious LinkedIn Emails:
@dafyre said in Actual Malicious LinkedIn Emails:
@ChrisL said in Actual Malicious LinkedIn Emails:
I would always hope that someone isn't naive enough to think that a major financial institution with their contact info on hand would reach out to them through LinkedIn.
Buuuuuut, I've been wrong before.
Nah... Why would they do that, when they could impersonate a family friend and try to tell me that I won 150k from a non-existent government agency.
Congratulations!
Can I give them your bank account numbers? We can split the winnings.
I was afraid you'd never ask.
