About 10,000 users of LinkedIn.com, the social networking site for professionals, recently were targeted by a tailor-made scam that urged recipients to open a malicious file masquerading as a list of business contacts. Most e-mail-based malware attacks and phishing campaigns designed to trick people into handing over personal and financial data generally are blasted out indiscriminately. But so-called “spear phishing” attacks – such as the bogus LinkedIn campaign — address recipients by name in the subject line and body of the message to appear more legitimate. The messages in this campaign were of course spoofed to look like they were sent from support@linkedin.com, with the subject line “Re: business contacts.” The message read: [recipient’s name] We managed to export the list of business contacts you have asked for. The name, address, phone# , e-mail address and website are included. The list is attached to this message. After you you check…
Trending
- 5 Active Malware Campaigns in Early 2025: What You Need to Know
- 10 Critical Network Pentest Findings IT Teams Overlook
- Report Phishing Instantly with PhishAlarm
- Password Reuse Epidemic: Nearly Half of User Logins Compromised
- Women in Cybersecurity: Interest, Exposure, or Just Stereotypes??
- Stay Ahead of Scammers in 2025
- Cybersecurity Alert: Risks of Abandoned Websites
- DHS Unveils Playbook for the Deployment of Artificial Intelligence for the Public Sector
