Skip to main content

LinkedIn used as a 'front door' for phishing attacks

Yesterday we reported how people in the UK experience, on average, 8,000 phishing attacks a month, and now we have more information on the techniques and processes cyber-criminals use when phishing.

According to a report by Computing, cyber-criminals love using LinkedIn as a 'front door' for both phishing and whaling attacks.

LinkedIn is a business social network that currently has more than 400 million users worldwide. Cyber-criminals are using it to approach potential targets and 'soften them up', before actually sending any malware.

Phishing is a fairly broad term for a technique in which crooks give potential victims bait via email, be it that one of their accounts is being revoked, or they're being notified of a debt somewhere, all for the purpose of them clicking on whatever is attached.

Attachments can sometimes be malware or ransomware, and sometimes can be links, leading to a fake, but legitimate-looking website where the victim needs to log in, and preferably submit personal information (in ideal situations for crooks, credit card info).

Whaling is pretty much the same thing, except the targets are mostly corporations.

Speaking to Computing, IT director at law firm BLM, Abby Ewen, shared her experience of a ‘determined’ phishing attack:

"We have had both via an email and telephone an attempt to extort money by someone purporting to be the CFO. It was intercepted both times because we have some very vigilant people trained to spot things that don't look right. We had one this week, a scam email passed to me by a partner, and the person who sent [the scam mail] had connected with the partner on LinkedIn prior to sending the email.

"LinkedIn was used as the front door into the scam," she said.

Sead Fadilpašić is a freelance tech writer and journalist with more than 17 years experience writing technology-focussed news, blogs, whitepapers, reviews, and ebooks. And his work has featured in online media outlets from all over the world, including Al Jazeera Balkans (where he was a Multimedia Journalist), Crypto News, TechRadar Pro, and IT Pro Portal, where he has written news and features for over five years. Sead's experience also includes writing for inbound marketing, where he creates technology-based content for clients from London to Singapore. Sead is a HubSpot-certified content creator.