Nowadays Linkedin is suffering by many Social Engineering attack that is used to harvesting the user Credentials and Linkedin is widely used Professional Network which is always Big Fish For hackers to Target and Stealing the users account and other information.
A New Phishing Attack Targeting Linkedin users that spreading via Compromised Linkedin Accounts to steal the user Credentials by sending Phishing Links to their contacts via private message and also to external members via email.
Already Conpromised Accounts including Premium membership accounts that have the ability to contact other LinkedIn users (even if they aren’t a direct contact) via the InMail feature
This Phishing Link Widely Spreading Champaign that Mimics as Legitimate Gmail and other Email Provides Login Page.
According to Malwarebytes Research, The main page is followed by an additional request for a phone number or secondary email address and ultimately the user sees a decoy Wells Fargo document hosted on Google.
How Does It Spreading via Private Message
Most of the Phishing URL spreading via private Messages from trust accounts that were Already hacked.
Message Contains the information that meant to be shared the Document from GoolgeDoc Drive with a Link via the Ow.ly URL shortener.
Phishing Message
Shortened URL’s are very good Source to Spreading Malicious URL’s and Malware and it is using for legitimate Purpose as well.
Once Victims Click the shortened URL, it will Direct to the hacked Website page which is built as a Gmail phish, but will also ask for Yahoo or AOL usernames and passwords.
Redirected URL to Fake Gmail Page
The main page is followed by an additional request for a phone number or secondary email address and ultimately the user sees a decoy Wells Fargo document hosted on Google Docs.
In this Case, Linkedin Trusted InMail feature to send the same phishing link. InMail Future used by Linkedin for Directly contact to another Linkedin Member Who is Not Connected and this will also Lead to send Malicious urls via the Account that is not Compromised.
So Beware of the Malicious Phishing Links and Don’t provide any credential information to untrust Website. Be safe and secure.