In phishing campaigns, cybersecurity experts have discovered attackers using LinkedIn’s shortened URLs to trick messaging apps as well as their victims. Avanan researchers have revealed how hackers are using LinkedIn’s automated URL shortening service to initiate a new credential-gathering operation in a blog post. An email was sent inviting recipients to click on a shortened URL on LinkedIn to provide the missing information.
We’re interested in how our readers are using VPNs with streaming services like Netflix to guide us in developing better content and advice. This survey will take less than 60 seconds of your time, and we would be grateful if you could share your knowledge with us.
The researchers found that “after a link from LinkedIn (lnkd.in) to another website, visitors will be transferred through many redirects before they get to that phishing page.”
Avanan says the latest phishing scam, which she calls “one of the most sophisticated” ever, can target any employee. The Check Point Research report mentioned in their press release quoted above ranked LinkedIn as the sixth most imitated brand in phishing attacks globally in the second quarter of 2021.
âPlus, more employees have access to billing and billing information, which means that a spray and prayer campaign can be effective,â Avanan said.
It is not uncommon for people to redirect potential victims to a phishing page using a URL shortening service. CyberNews researchers uncovered this year’s large-scale phishing campaign, which used a URL shortening service to deceive nearly 500,000 Facebook users, while investigating a bogus message sent through Facebook Messenger.
In fact, experts have long advised individuals against clicking shortened URLs in message notifications, emails, and other types of online interactions from unknown parties.
Pop culture geek with subtle charm. Amateur analyst. Passionate about independent television. Coffee lover