Following the news that LinkedIn Becomes the Most Impersonated Brand for Phishing Attacks – LinkedIn Becomes the Most Impersonated Brand for Phishing Attacks – Infosecurity Magazine (infosecurity-magazine.com), information security experts reacted below.
The bad actors of the world continue to find ways to attempt to separate victims from their money and from their personal and business information. Social networks encourage communication between members, which can lead to users possibly trusting others when they should be more aware of the dangers of sharing information.
I personally have experienced attempts to steal personal and business information. A favorite approach seems to be the \”wrong number\” method I\’ve seen numerous times on WhatsApp. The party sends a message to you that was supposedly supposed to go to someone else, then apologizes for their \”secretary\’s error.\” They then attempt to start up a conversation with me. I have run into this multiple times, just over the past few weeks.
Sadly it’s no real surprise to see a social media network topping the ‘most likely to be imitated list’. Social media has long been very good a prompting urgency in its users, making fake notifications/emails the perfect way to launch social engineering attacks like phishing.
There are however things you can do to stop yourself from being caught out. Always check any emails you receive claiming to be from a social media platform. Does the sender’s email address look legitimate? Do they usually send email notifications? Do the logos and formatting seem right?
If in doubt, logo into your account directly and check whether the notification is duplicated there. And, never, ever, click any link you’re unsure about.
If imitation is the greatest form of flattery, then LinkedIn should be very flattered. The increase in phishing using LinkedIn as a template is evidence of the pervasiveness of the tool, but it’s also a warning to LinkedIn and its users that they need to increase their vigilance. It’s easy to think that you’re not going to fall for a phishing email, but the data suggests otherwise. Phishing continues to be used because it continues to work for attackers.