LinkedIn Phishing Scam: Taking The Next Steps
Recent news puts the highlight on LinkedIn phishing scams as Vevo, which hosts music videos from popular artists on YouTube and its own site, got targeted by such a scam. Over 3TB of internal files were posted online by the OurMine hacker squad. OurMine typically hacks people and seeks to demonstrate to companies that they have weak security.
A Vevo spokesperson confirmed “that Vevo experienced a data breach as a result of a phishing scam via Linkedin.”
LinkedIn phishing scams aren’t new, but they can be particularly dangerous because they can abuse long standing and trusted accounts, including Premium membership accounts that have the ability to contact other LinkedIn users (even if they aren’t a direct contact).
LinkedIn scams typically come in one of two varieties: an email purporting to be from the LinkedIn organization, or via a message delivered directly within the platform to LinkedIn users.
Is That Email Really From LinkedIn?
Phishing scams often take the form of an email purporting to be from a trusted organization and requesting key account information. LinkedIn is often a target of such scams.
Recent phishing emails start with “Dear Valid LinkedIn User”, a first indication that the message is a scam as LinkedIn obviously is aware of your identity and can address messages properly. Then, the email includes other tip-offs like bad grammar and urgent requests.
The email asks the recipient to click on a suspicious link to ensure they retain LinkedIn privileges. The link directs to a form requesting account information such as username and password.
As with similar phishing scams, there are a few lessons to take away:
- Be wary of urgent emails requesting account information.
- Be wary of impersonally addressed emails that are littered with poor grammar and misspellings. These are not the calling cards of reputable firms.
- Check the sender’s email address – is it a legitimate address from the company?
- Finally, if is sounds too good to be true, it probably is.
Scams that Compromise LinkedIn Users or Accounts
A more disturbing phishing scam directed to LinkedIn users is perpetrated from directly within the platform. These attacks send phishing links to a user’s contacts via private message but also to external members via email.
In the first instance, the LinkedIn user receives a LinkedIn message from a trusted and existing contact. The message includes a link to a shared document via the Ow.ly URL shortener. The web page at the destination link then asks for personal information such as an email or phone number.
The second instance takes advantage of LinkedIn’s Premium membership accounts that have the ability to contact other LinkedIn users (even if they aren’t a direct contact) via the InMail feature. The email message includes a link to a site that requests personal information. Via this method, hackers can target victims beyond just a LinkedIn user’s contacts.
In a recent incident, a user whose account was hacked had over 500 connections on LinkedIn and based on Hootsuite‘s stats, 256 people clicked on the phishing link.
What you can do if your LinkedIn account is compromised:
- Change your password.
- Consider enabling two-step verification.
- Post a message on your LinkedIn timeline to let contacts know you were hacked.
- Report the message as a scam to LinkedIn.
- Consider installing a browser extension to help in blocking such attacks.
For more information, check out LinkedIn’s guidance on identifying and reporting scams.