Email security, Vulnerability Management

LinkedIn continues to top spoofed brands in phishing

BleepingComputer reports that LinkedIn accounted for 45% of all brand phishing attempts worldwide during the second quarter of 2022, making it the most spoofed brand in phishing attacks for two quarters in a row, far ahead of Microsoft, DHL, Amazon, and Apple. Fraudulent LinkedIn emails used in phishing campaigns attempt to imitate typical messages sent by the platform, with sender addresses spoofed to appear automated or to originate from the platform's support or security teams, a Check Point report showed. Aside from fake LinkedIn Pro promotions, attackers have also been using account termination threats for "unverified" users and false policy updates as lures, with such messages redirecting to a phishing web page that seeks victims' credentials, which could be leveraged for account takeovers. Phishing actors could also leverage LinkedIn accounts to set up fraudulent job offers, similar to a recent attack in which North Korean hackers were able to steal $620 million in cryptocurrency by using a malicious PDF download as a lure for an employee of an online video game.
