14 DAY TRIAL // Even if Facebook is the preferred social network targeted by scammers, similar services from other companies are not overlooked. A recent campaign seeks to steal the credentials of LinkedIn users.
Because LinkedIn is a social network for professionals, the credentials for these accounts are more valuable than those for Facebook users.
The recent phishing campaign sends the potential victim an email informing that the account had been blocked because it was not accessed for a long period of time.
To keep the LinkedIn service active, the victim has to access a link and verify the email address by providing the username and password.
Obviously, the provided link leads to a phishing site that impersonates the LinkedIn log-in page and all the information entered in the available fields is automatically sent to the cybercriminals.
To make sure they get the right information, the crooks ask for the primary address, in case multiple ones are available for the LinkedIn account.
With the victim’s credentials in their hands, the bad actors can easily launch other spam campaigns in the name of the victim, with an increased rate of success because the targets receive the lure from someone they know.
One way to spot the fake message is to take a look at the link and check if it leads to a valid LinkedIn domain. Also, logging into the account of this service is done in a secure manner, so if the HTTPS connection is missing, you can be sure that it is a scam.