Thursday, December 5, 2024
HomePhishingBeware !! LinkedIn User Credentials Stealing via Sophisticated Phishing Attack

Beware !! LinkedIn User Credentials Stealing via Sophisticated Phishing Attack

Published on

SIEM as a Service

Nowadays Linkedin is suffering by many Social Engineering attack that is used to harvesting the user Credentials and Linkedin is widely used Professional Network which is always Big Fish For hackers to Target and Stealing the users account and other information.

A New Phishing Attack Targeting Linkedin users that spreading via Compromised Linkedin Accounts to steal the user Credentials by sending Phishing Links to their contacts via private message and also to external members via email.

Already Conpromised Accounts including Premium membership accounts that have the ability to contact other LinkedIn users (even if they aren’t a direct contact) via the InMail feature

This Phishing Link  Widely Spreading Champaign that Mimics as Legitimate Gmail and other Email Provides Login Page.

- Advertisement - SIEM as a Service

According to Malwarebytes Research, The main page is followed by an additional request for a phone number or secondary email address and ultimately the user sees a decoy Wells Fargo document hosted on Google.

Also Read: New Vulnerability Discovered in LinkedIn Messenger That Allow to Spread Malware and Compromise the Victims PC

How Does It Spreading via Private Message

Most of the Phishing URL spreading via private Messages from trust accounts that were Already hacked.

Message Contains the information that meant to be shared the Document from GoolgeDoc Drive with a Link via the Ow.ly URL shortener.

Phishing Attack

Phishing Message

Shortened URL’s are very good Source to Spreading Malicious URL’s and Malware and it is using for legitimate Purpose as well.

Once Victims Click the shortened URL, it will Direct to the hacked Website page which is built as a Gmail phish, but will also ask for Yahoo or AOL usernames and passwords.

Phishing Attack

Redirected URL to Fake Gmail Page

The main page is followed by an additional request for a phone number or secondary email address and ultimately the user sees a decoy Wells Fargo document hosted on Google Docs.

In this Case, Linkedin Trusted InMail feature to send the same phishing link. InMail Future used by Linkedin for Directly contact to another Linkedin Member Who is Not Connected and this will also Lead to send Malicious urls via the Account that is not Compromised.

So Beware of the Malicious Phishing Links and Don’t provide any credential information to untrust Website. Be safe and secure.

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

One Identity Named Winner of the Coveted Top InfoSec Innovator Awards for 2024

One Identity named Hot Company: Privileged Access Management (PAM) in 12th Cyber Defense Magazine’s...

HCL DevOps Deploy / Launch Vulnerability Let Embed arbitrary HTML tags

Recently identified by security researchers, a new vulnerability in HCL DevOps Deploy and HCL...

CISA Warns of Zyxel Firewalls, CyberPanel, North Grid, & ProjectSend Flaws Exploited in Wild

The Cybersecurity and Infrastructure Security Agency (CISA) has issued warnings about several vulnerabilities being...

HackSynth : Autonomous Pentesting Framework For Simulating Cyberattacks

HackSynth is an autonomous penetration testing agent that leverages Large Language Models (LLMs) to...

API Security Webinar

72 Hours to Audit-Ready API Security

APIs present a unique challenge in this landscape, as risk assessment and mitigation are often hindered by incomplete API inventories and insufficient documentation.

Join Vivek Gopalan, VP of Products at Indusface, in this insightful webinar as he unveils a practical framework for discovering, assessing, and addressing open API vulnerabilities within just 72 hours.

Discussion points

API Discovery: Techniques to identify and map your public APIs comprehensively.
Vulnerability Scanning: Best practices for API vulnerability analysis and penetration testing.
Clean Reporting: Steps to generate a clean, audit-ready vulnerability report within 72 hours.

More like this

Cloudflare Developer Domains Abused For Cyber Attacks

Cloudflare Pages, a popular web deployment platform, is exploited by threat actors to host...

New TLDs Such as .shop, .top and .xyz Leveraged by Phishers

Phishing attacks have surged nearly 40% in the year ending August 2024, with a...

New Phishing Attack Targeting Corporate Internet Banking Users

A sophisticated phishing scam has surfaced in Japan, targeting corporate internet banking users.This...