Tuesday, January 14, 2025
HomePhishingNew Fake Email Phishing Scam Attack LinkedIn Users - Beware

New Fake Email Phishing Scam Attack LinkedIn Users – Beware

Published on

[jpshare]Fake Email phishing attack hitting LinkedIn users via Mail and LinkedIn inbox’s  and ask them to attach the CV. Since its looks like an original link which come from official LinkedIn, its leads to  many users to be victimized by this Email  phishing Attack .

It is decent to believe that beneficiaries of the false message would detect various cautioning signals when they open the correspondence in their email inbox.

Attackers have spammed out email messages posing as communications from LinkedIn, claiming that a company is “urgently seeking” workers matching your qualifications in “your region”.

Be that as it may, there’s dependably a possibility that somebody Eager to discover new employment may not see that the messages whether it is original Link or not.

The site (at https://linkedinjobs.jimdo.com) to which the underlying messages indicated has as of now been brought down, yet you can make certain that the scammers have already set up new ones, and changed the connection in hence sent messages .

Accoring to  Total Defence “Phone numbers can be sold for companies doing promotional cold calling. Or, the cyber criminal might call you himself in a vishing attack.

In other cases, he might use the information for identity theft, using the companies you worked at or attached references as a cover for fraudulent activities.”

By having Victims personal information link , your full name, date of birth, work and home email addresses, work and home telephone numbers, and all manner of other personal information that could be abused by scammers.

According to HELPNETSECURITY The scammers  are attempting to impersonate the well known  employment-oriented social networking service, however cautious clients will instantly spot numerous things that indicate the email being fake:

  • The email sender address that has nothing to do with LinkedIn
  • The lack of certain design elements and the “unsubscribe” footer usually contained in LinkedIn emails
  • The email not addressing the recipient by name
  • A sense of urgency that the email is designed to create
  • Typos, and so on.

Total Defense warns about Phishing scams ,

  • Non-existing organizations reaching users straightforwardly with employment offers for which they haven’t connected (as in this last LinkedIn trick),
  • Insecure sites (no HTTPS to protect the information imputed into job application forms)
  • Follow-up messages requesting more delicate data (e.g. financial balance number to set up direct store)

Also Read:

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

Google’s “Sign in with Google” Flaw Exposes Millions of Users’ Details

A critical flaw in Google's "Sign in with Google" authentication system has left millions...

Hackers Attacking Internet Connected Fortinet Firewalls Using Zero-Day Vulnerability

A widespread campaign targeting Fortinet FortiGate firewall devices with exposed management interfaces on the...

Critical macOS Vulnerability Lets Hackers to Bypass Apple’s System Integrity Protection

Microsoft Threat Intelligence has uncovered a critical macOS vulnerability that allowed attackers to bypass...

CISA Released A Free Guide to Enhance OT Product Security

To address rising cyber threats targeting critical infrastructure, the U.S. Cybersecurity and Infrastructure Security...

API Security Webinar

72 Hours to Audit-Ready API Security

APIs present a unique challenge in this landscape, as risk assessment and mitigation are often hindered by incomplete API inventories and insufficient documentation.

Join Vivek Gopalan, VP of Products at Indusface, in this insightful webinar as he unveils a practical framework for discovering, assessing, and addressing open API vulnerabilities within just 72 hours.

Discussion points

API Discovery: Techniques to identify and map your public APIs comprehensively.
Vulnerability Scanning: Best practices for API vulnerability analysis and penetration testing.
Clean Reporting: Steps to generate a clean, audit-ready vulnerability report within 72 hours.

More like this

Hackers Using YouTube Links and Microsoft 365 Themes to Steal Logins

Cybercriminals are executing sophisticated phishing attacks targeting Microsoft 365 users by employing deceptive URLs...

Hackers Targeting Users Who Lodged Complaints On Government portal To Steal Credit Card Data

Fraudsters in the Middle East are exploiting a vulnerability in the government services portal....

Beware! Fake Crowdstrike Recruitment Emails Spread Cryptominer Malware

CrowdStrike, a leader in cybersecurity, uncovered a sophisticated phishing campaign that leverages its recruitment...