14 DAY TRIAL // LinkedIn representatives have been right to highlight the fact that the notification emails they send to affected users don’t contain any links. All those who ignored the warning may have ended up being the victims of malicious operations.
AppRiver has come across an email that appears to originate from LinkedIn, but unlike the legitimate ones, this one contains a big “Sign In” button that points to a malware-serving website.
“For security purposes you need to get your LinkedIn account secured today. Signing below or paste the Link to your address bar to get protected now and get your email secured,” reads the fake notification.
Once again, we remind users that this incident will most likely be utilized by many cybercriminals in an attempt to steal credentials, advertise shady products, or spread malware. Take a close look at the sender’s address, the design of the email and the way it’s worded.
Also, remember that the official LinkedIn security alerts don’t contain links.