LinkedIn phishing attacks now bypassing Google detection
Armorblox discovered a new credential phishing campaign that is able to circumvent Google's email security measures. Because social media platforms remain a rich source of potential victims for attackers, the campaign uses LinkedIn as its lure.
The details
The phishing attack targeted 500 mailboxes belonging to employees of a major travel company.
The email, with the subject line "We discovered some unexpected behaviour", claims to be from LinkedIn but actually comes from another source.
However, the attackers misspelled LinkedIn, and the domain had been created only on March 6th.
After passing DMARC and SPF authentication, the phishing email avoided detection by Google's email security protections.
To succeed, the campaign combined brand impersonation, social engineering, malicious URLs, and imitation of existing corporate workflows.
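The combination described above (a brand name in the From header, a misspelled and recently created domain, and passing SPF and DMARC) can be checked for directly. The following is an added example, not code from Armorblox or the original article; the brand allowlist, thresholds, sample message, `linkedln.example` domain and dates are constructed assumptions, and the domain creation date is assumed to come from a separate WHOIS/RDAP lookup.

```python
import re
from datetime import date
from email import message_from_string
from email.utils import parseaddr

# Assumed allowlist: brand keyword -> domains the brand really sends from.
BRANDS = {"linkedin": {"linkedin.com"}}

def edit_distance(a, b):
    """Levenshtein distance, used to spot near-miss spellings of a brand."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def assess(raw, domain_created, received, max_age_days=30):
    """Return findings for one message; auth results alone never clear it."""
    msg = message_from_string(raw)
    display, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    label = domain.split(".")[-2:][0]  # simplification: label left of the TLD
    auth = msg.get("Authentication-Results", "").lower()
    passed = all(re.search(rf"\b{m}=pass\b", auth) for m in ("spf", "dmarc"))
    findings = []
    for brand, legit in BRANDS.items():
        if domain in legit:
            continue
        claims = edit_distance(re.sub(r"[^a-z]", "", display.lower()), brand) <= 1
        lookalike = edit_distance(label, brand) <= 2
        if claims or lookalike:
            findings.append(f"brand '{brand}' used by unlisted domain {domain}")
    if (received - domain_created).days <= max_age_days:
        findings.append("sender domain is newly created")
    if findings and passed:
        findings.append("SPF and DMARC pass: sender controls the domain, nothing more")
    return findings

# Constructed sample message; the domain and dates are invented for illustration.
SAMPLE = (
    'From: "Linkedln" <security@linkedln.example>\n'
    "Subject: We discovered some unexpected behaviour\n"
    "Authentication-Results: mx.example.net; spf=pass smtp.mailfrom=linkedln.example;"
    " dmarc=pass header.from=linkedln.example\n\n"
)

if __name__ == "__main__":
    print(assess(SAMPLE, date(2023, 3, 6), date(2023, 3, 9)))
```

SPF and DMARC only confirm that the sender is authorised to use the domain in the message, so a lookalike domain the attacker registered passes both.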
Recent LinkedIn threats
In the third quarter, LinkedIn was the third most impersonated brand, behind DHL and Microsoft. In the first two quarters of the year, however, it was at the very top of the list.
On LinkedIn, threat actors have been creating fake employee identities that combine AI-generated profile photographs with content taken from real users.
In September, a phishing campaign was discovered that abused the Slovakian Postal Service by exploiting LinkedIn Smart Links redirection. This campaign successfully sidestepped secure email gateways (SEGs).
LinkedIn is fighting back
The platform has added three new features that act as a defence against harmful activity and fraudulent profiles on the site.
LinkedIn is showing more information about accounts to help verify them, is actively looking for AI-generated fakes, and is alerting users to messages that may have malicious intent.
The bottom line
Over the last several years, malicious actors have made extensive use of LinkedIn to steal credentials from the platform's users and launch attacks on corporate networks. Rather than relying only on native email security, Armorblox suggests putting an additional email security layer in place. In addition, be sure to use MFA and watch for signs of social engineering.