As cybercriminals look for novel and effective ways to gain entrance to a victim network, LinkedIn is proving to be fruitful enough to keep the attention of phishing scammers.
I hope you can appreciate the sophistication of a phishing attack that targets not just a specific company, or even an individual, but a role within the organization – complete with a tailored socially engineered campaign of emails, landing pages, impersonated brands, phone call scripts, and a defined process for the prospective victim to follow… until they perform the malicious action desired by the threat actor at the helm.
This is exactly the kinds of attacks we’re seeing with LinkedIn – the top impersonated brand for the second quarter in a row, according to Checkpoint’s Q2 Brand Phishing Report. With the data on over 500 million LinkedIn users available for cybercriminals to utilize, we’ve seen massive increases in attacks impersonating LinkedIn of well-over 200% in just a single month.
The FBI even recently put out a warning about widespread fraudulent activity using LinkedIn’s branding and platform as the foundation for the attack.
According to Checkpoint, impersonation of LinkedIn is used in phishing attacks today at more than three times the rate of Microsoft (a brand we’ve seen way too often used, due to its widespread applicability to users of the Windows operating system and the Microsoft 365 platform).
Because even your organization has users that are looking for their next job today, it’s imperative that they understand the risk of responding to any communication – whether in email or on the web – that is either unexpected or seems too good to be true. This level of vigilance is attained by putting users through continual Security Awareness Training to teach them about how brand impersonation (LinkedIn or otherwise) is commonly used to increase the chances of a successful phishing attack
Free Phishing Security Test
Would your users fall for convincing phishing attacks? Take the first step now and find out before bad actors do. Plus, see how you stack up against your peers with phishing Industry Benchmarks. The Phish-prone percentage is usually higher than you expect and is great ammo to get budget.
Here’s how it works:
- Immediately start your test for up to 100 users (no need to talk to anyone)
- Select from 20+ languages and customize the phishing test template based on your environment
- Choose the landing page your users see after they click
- Show users which red flags they missed, or a 404 page
- Get a PDF emailed to you in 24 hours with your Phish-prone % and charts to share with management
- See how your organization compares to others in your industry
PS: Don’t like to click on redirected buttons? Cut & Paste this link in your browser: https://info.knowbe4.com/phishing-security-test-partner?partnerid=001a000001lWEoJAAW