November 7, 2016
LinkedIn has been in the news for all the bad reasons. Previously, it was the data of 117 million of its users stolen back in 2012, leaked in 2016 and sold on the darknet afterwords. Although, the alleged culprit behind the whole scheme was recently arrested there are people who are still looking ways to steal personal data of LinkedIn users.
In the latest, cyber criminals are targeting LinkedIn users with a sophisticated phishing scam in which the idea is to trick the user into believing that their LinkedIn account has a security issue which can be solved only by providing their personal details.
The campaign was identified by researchers at Heimdal Security who pointed out that the brain behind this scam is looking for users’ financial details, driving license and or passport copy. The purpose of collecting this information is to not only hijacking their account but also conduct further scams by stealing their identity.
The email that is targeting users comes from postmaster [@] fnotify [dot] com which is not linked with LinkedIn whatsoever however further research reveals that the email domain associated with the email is actually a WordPress blog registered to a guy Torgeir Salvesen from Finland and seems to be compromised by people behind this scam.