Scammers try to get users to hand over their email usernames and passwords

Jun 18, 2013 22:11 GMT

Typosquatting is a very effective method used by phishers to trick users into thinking they’re on a legitimate website.

A good example is provided by Conrad Longmore of Dynamoo’s Blog. The security expert has come across a LinkedIn spam campaign that’s designed to lure users to a phishing website.

It all starts with an email titled “You need to confirm your email address” that appears to come from LinkedIn Support.

“We write to inform you that your LinkedIn account has been blocked due to inactivity. To ensure that your online services with LinkedIn will no longer be interrupted. Click here to unblock your account,” the phony emails read.

“You will be asked to log into your account to confirm this email address. Be sure to log in with your current primary email address. We ask you to confirm your email address before sending invitations or requesting contacts at LinkedIn. You can have several email addresses, but one will need to be confirmed at all times to use the system.”

The links from the notification take recipients to “linkedlne.com.” Once they arrive on the phishing site, victims are instructed to verify their LinkedIn accounts by logging in to one of their email accounts.

Of course, this has nothing to do with LinkedIn. All the submitted information ends up in a database controlled by the cybercriminals. They can use the credentials for various purposes, including spam runs, and phishing and malware attacks.

It’s worth noting that the body of the email that lures users to the phishing site has been utilized for over a year now. However, it’s clear that the crooks can still make good use of it.

Currently, the “linkedlne.com” domain is flagged by both Google and antivirus products as being malicious.
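A mail filter can catch this kind of lookalike link before any blocklist lists it by comparing each linked domain against the brands it protects. The following Python sketch is an added example, not code from the article or from Dynamoo’s Blog; the protected-domain list, the distance threshold, the naive two-label domain reduction and the sample message body are assumptions, and only the domains “linkedin.com” and “linkedlne.com” come from the article.

```python
import re
from urllib.parse import urlparse

# Assumption: brands this filter protects; only linkedin.com comes from the article.
PROTECTED = {"linkedin.com"}
MAX_DISTANCE = 2  # assumed threshold for "looks like" a protected domain

def edit_distance(a, b):
    """Optimal-string-alignment distance (edits plus adjacent transpositions)."""
    d = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(len(a) + 1):
        d[i][0] = i
    for j in range(len(b) + 1):
        d[0][j] = j
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = a[i - 1] != b[j - 1]
            d[i][j] = min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost)
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)
    return d[len(a)][len(b)]

def registered_domain(host):
    """Naive last-two-labels reduction (assumption: no public-suffix list)."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])

def lookalike_links(html):
    """Return (url, domain, brand, distance) for links to near-miss domains."""
    findings = []
    for url in re.findall(r'href=["\'](https?://[^"\']+)["\']', html, re.I):
        host = urlparse(url).hostname or ""
        domain = registered_domain(host)
        if domain in PROTECTED:
            continue  # the genuine domain or one of its subdomains
        for brand in PROTECTED:
            dist = edit_distance(domain, brand)
            if 0 < dist <= MAX_DISTANCE:
                findings.append((url, domain, brand, dist))
    return findings

# Constructed sample body; only the domain linkedlne.com comes from the article.
SAMPLE = '''<p>Click <a href="http://www.linkedlne.com/confirm">here</a> to unblock
your account. <a href="https://www.linkedin.com/help">Help</a>
<a href="https://example.org/unsubscribe">Unsubscribe</a></p>'''

if __name__ == "__main__":
    for finding in lookalike_links(SAMPLE):
        print(finding)
```

The lookalike domain sits two edits away from the real one (one substituted letter and one added letter), so a threshold of 2 flags it while leaving the genuine and unrelated links alone.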