Phishing scam targeting LinkedIn users

ESET Ireland warns that Irish mailboxes are receiving a fake email, asking users of the professional social network LinkedIn to confirm their email address.

An email, pretending to come from LinkedIn is making the rounds, asking users to confirm their email address, because supposedly their account was blocked due to suspicious activity.

Subject:  Important: Action Required

Date:      Fri, 21 Feb 2014 06:04:23 +0100

From:      LinkedIn <greet3@*****.de>

LinkedIn

We write to inform you that your LinkedIn account has been blocked due to suspicious activity.

To ensure that your online services with LinkedIn will no longer be interrupted

Click here to confirm your email address.

You will be asked to log in with your email address. Be sure to log in with your current primary email address.

Note! Failure to confirm your email may result to suspension.

Thank you for using LinkedIn

–The LinkedIn Team

The link provided takes the potential victim to a German website mimicking LinkedIn, where they are asked to enter their email and password, therefore granting attackers free access to their LinkedIn account.

LinkedIn are aware of scams abusing their name and they offer the following advice:

  • Please use caution when clicking or opening emails, seemingly from sites you trust.
  • Fraudsters try to mimic legitimate emails, but they often make mistakes like typos or include information that’s not relevant to you. Be suspicious of emails that include names you don’t recognize.
  • Keep in mind that a site like LinkedIn would never ask you to open an email attachment or install a software update.
  • If you get an email that seems suspicious or is from a person or company you don’t know, we advise you not to open any attachments or click any links.
  • Before clicking on a link in an email, move your cursor over the link to verify that they direct to the appropriate site.

ESET Ireland would like to add that anyone receiving phishing emails shouldn’t reply to them either, as this just confirms to the fraudsters that it is a legitimate email belonging to someone and they might prepare a customised scam for it next time.

by Urban Schrott


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s