ESET Ireland warns that Irish mailboxes are receiving a fake email, asking users of the professional social network LinkedIn to confirm their email address.
An email, pretending to come from LinkedIn is making the rounds, asking users to confirm their email address, because supposedly their account was blocked due to suspicious activity.
Subject: Important: Action Required
Date: Fri, 21 Feb 2014 06:04:23 +0100
From: LinkedIn <greet3@*****.de>
We write to inform you that your LinkedIn account has been blocked due to suspicious activity.
To ensure that your online services with LinkedIn will no longer be interrupted
Click here to confirm your email address.
You will be asked to log in with your email address. Be sure to log in with your current primary email address.
Note! Failure to confirm your email may result to suspension.
Thank you for using LinkedIn
–The LinkedIn Team
The link provided takes the potential victim to a German website mimicking LinkedIn, where they are asked to enter their email and password, therefore granting attackers free access to their LinkedIn account.
LinkedIn are aware of scams abusing their name and they offer the following advice:
- Please use caution when clicking or opening emails, seemingly from sites you trust.
- Fraudsters try to mimic legitimate emails, but they often make mistakes like typos or include information that’s not relevant to you. Be suspicious of emails that include names you don’t recognize.
- Keep in mind that a site like LinkedIn would never ask you to open an email attachment or install a software update.
- If you get an email that seems suspicious or is from a person or company you don’t know, we advise you not to open any attachments or click any links.
- Before clicking on a link in an email, move your cursor over the link to verify that they direct to the appropriate site.
ESET Ireland would like to add that anyone receiving phishing emails shouldn’t reply to them either, as this just confirms to the fraudsters that it is a legitimate email belonging to someone and they might prepare a customised scam for it next time.
by Urban Schrott