LinkedIn is now the most imitated brand by phishing scammers – reportBlathnaid O’Deaon April 19, 2022 at 14:00 Silicon RepublicSilicon Republic


LinkedIn users have been warned to watch out for suspicious emails that could be phishing scams from cybercriminals intent on stealing their data.

It comes as the professional networking website was found to represent 52pc of all phishing attacks globally, according to Check Point Research’s (CPR) Brand Phishing Report for Q1 2022.

The report highlights the brands that cyber criminals most often imitated in the first three months of this year to lure people into giving up their personal data.

In a brand phishing attack, criminals try to imitate the official website of a well-known brand by using a similar domain name or URL and web-page design to the genuine site. The link to the fake website can be sent to targeted individuals using a number of different methods. The fake website often contains a form intended to steal users’ credentials, payment details or other personal information.

CPR named LinkedIn as the most imitated brand by cyber criminals for the first time ever. This represents a significant increase on the previous quarter when LinkedIn only accounted for 8pc of phishing attempts. It made the 44pc increase from fifth place to first place in a single quarter.

Courier company DHL was the second most targeted brand, having placed at 14pc. It was followed by major tech giants Google and Microsoft as well as shipping brand FedEx. WhatsApp also featured in the top 10 list, accounting for almost one in 20 phishing attacks globally.

CPR’s latest brand phishing report has pointed towards to an emerging trend of threat actors leveraging social networking brands as part of their phishing attempts. Social networks are now the number one targeted category ahead of shipping companies and technology companies such as Google, Microsoft and Apple.

According to Omer Dembinsky, data research group manager at CPR, “These phishing attempts are attacks of opportunity, plain and simple. Criminal groups orchestrate these phishing attempts on a grand scale, with a view to getting as many people to part with their personal data as possible. Some attacks will attempt to gain leverage over individuals or steal their information, such as those we’re seeing with LinkedIn.

“Others will be attempts to deploy malware on company networks,” Dembinsky said, referring to “fake emails containing spoof carrier documents” that CPR has been seeing purporting to be from shipping company Maersk.

“If there was ever any doubt that social media would become one of the most heavily targeted sectors by criminal groups, Q1 has laid those doubts to rest. While Facebook has dropped out of the top ten rankings, LinkedIn has soared to number one and has accounted for more than half of all phishing attempts so far this year.”

Dembinsky added that the best defence against phishing threats was knowledge. “Employees in particular should be trained to spot suspicious anomalies such as misspelled domains, typos, incorrect dates and other details that can expose a malicious email or text message. LinkedIn users in particular should be extra vigilant over the course of the next few months.”

Here are some tips Dembinsky had for users of these targeted websites to aware of:

Be cautious when divulging personal data and credentials to business applications or websites.
Think twice before opening email attachments or links, especially emails that claim to be from companies such as LinkedIn or DHL, as they are currently the most likely to be impersonated.
Look for misspellings in emails.
Beware of urgent requests, such as change your password now.

10 things you need to know direct to your inbox every weekday. Sign up for the Daily Brief, Silicon Republic’s digest of essential sci-tech news.

The post LinkedIn is now the most imitated brand by phishing scammers – report appeared first on Silicon Republic.

Leave a Comment