LinkedIn job-hunters are now being preyed upon by massive phishing scams pretending to be the employment-oriented platform of Microsoft, which has drastically surged by a whopping 232% since Feb. 1.
LinkedIn Job-Hunting Phishing Scam
As per a news story by ThreatPost, there has been a massive rise in phishing attacks that specifically attempts to spoof LinkedIn, preying on the "Great Resignation" phenomenon.
Not to mention that data-scraping bots have also previously targeted these job-hunters to carry out these LinkedIn phishing scams.
ThreatPost noted in the same report that the new social engineering scam is capitalizing on the emotional vulnerability of folks looking to land a job anytime soon through LinkedIn.
The "Great Resignation" phenomenon further helped the cyberattacks to use its LinkedIn phishing scheme against numerous job-seekers, who have recently left their employers.
LinkedIn Phishing Scam Rises
That said, analysts from Egress looked into the existing email phishing attacks against tons of job seekers.
It turns out that LinkedIn impersonators have significantly increased by 232% since the start of February 2022.
The LinkedIn spoof then tries to trick job-seekers into giving away their login credentials. In turn, the criminal minds could take over their accounts.
The report from the United Kingdom-based cybersecurity firm, Egress, went on to state that the "current employment trends help to make this attack more convincing."
It is worth noting that there has been an increasing trend of Americans leaving their employers since 2021.
Egress added that the targets of the phishing campaign targeted various companies from locations like the United Kingdom and North America.
LinkedIn Phishing: How it Works
The LinkedIn phishing email attempts to replicate the legitimate messages that the Microsoft platform has been sending its users, carrying its branding from logo to its company colors.
On top of that, the phishing email looks more legit as it is built on HTML with a convincing LinkedIn-like layout.
What's more, cyberattackers are using prominent companies to further make it more trustworthy. It could even make it more enticing for the victim to check out.
The subject of the email alone tries to get the attention of desperate job-seekers, such as "You appeared in 4 searches this week" and "Who's searching for you online."
Even non-job-seekers would perhaps be curious to know who might have been lurking on their profiles.
Read Also : BazarBackdoor Trojan Involved in a New Phishing Campaign | CSV Text Files Used to Spread Malware
How to Avoid LinkedIn Scams
Egress said that these LinkedIn phishing emails are "sent from different webmail addresses that have zero correlation with each other."
So, to avoid these cyberattacks make sure to check out the email addresses of these messages before clicking them.
Related Article : LinkedIn Launching Clubhouse-Style Audio Events with Video Version | Currently in Beta
This article is owned by Tech Times
Written by Teejay Boris
