Extensive exploitation by threat actors for malware delivery, credential theft, and financial fraud schemes has prompted LinkedIn to unveil new security features aimed at combating phony profiles and malicious platform utilization, reports BleepingComputer.
More extensive account information is now being displayed by LinkedIn in an effort to strengthen authenticity verification and fraudulent account hunting. LinkedIn has introduced the "About this profile" section detailing the time the profile was created, whether account holder had their number verified, and whether a work email was linked to their profile. Artificial intelligence has also been used by LinkedIn to capture fake accounts using AI-generated photos in their profile.
"Our new deep-learning-based model proactively checks profile photo uploads to determine if the image is AI-generated using cutting-edge technology designed to detect subtle image artifacts associated with the AI-based synthetic image generation process without performing facial recognition or biometric analyses," said LinkedIn.
Moreover, warnings are also being issued by LinkedIn to chat participants proposing to take the conversation in other platforms.
Attackers have been leveraging the new "file archive in the browser" phishing technique that enables the creation of realistic phishing pages masquerading as legitimate file archive software, with hosting on a .ZIP domain further establishing the legitimacy of the scheme, reports The Hacker News.
BleepingComputer reports that recent phishing attacks by the QBot malware operation, also known as Qakbot, have involved the exploitation of a DLL hijacking flaw in the Windows 10 WordPad executable "write.exe."
Microsoft credentials targeted new phishing attacks with RPMSG files New phishing attacks involving compromised Microsoft 365 accounts and encrypted restricted permission message, or RPMSG, files, are being leveraged by threat actors to facilitate the stealthy exfiltration of Microsoft credentials, according to BleepingComputer.