Recently, fake LinkedIn profiles have started posting comment replies claiming that a user has “engaged in activities that are not in compliance” with LinkedIn’s policies and that their account has been “temporarily restricted” until they submit an appeal through a specified link in the comment.
The accounts posting the comments all try to look like official LinkedIn bots and use various names. It’s likely they create new accounts when LinkedIn removes them.
Read more…
Source: Malwarebytes Labs
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- New cybercrime tool can build phishing pages in real-time
January 28, 2021
A cybercrime group has developed a novel phishing toolkit that changes logos and text on a phishing page in real-time to adapt to targeted victims. Named LogoKit, this phishing tool is already deployed in the wild, according to threat intelligence firm RiskIQ, which has been tracking its evolution. The company said it already identified LogoKit installs on ...
- Beware: PayPal phishing texts state your account is ‘limited’
January 3, 2021
A PayPal text message phishing campaign is underway that attempts to steal your account credentials and other sensitive information that can be used for identity theft. When PayPal detects suspicious or fraudulent activity on an account, the account will have its status set to “limited,” which will put temporary restrictions on withdrawing, sending, or receiving money. Read ...
- Phishing Technique Uses Legitimate-looking Domains to Avoid Detection
December 28, 2020
Email threats continued to increase in the time of the pandemic, and the number of phishing URLs rose along with it. Our 2020 mid-year observation on phishing and email threats continue to be true as we close out the year. During our recent tracking efforts, we observed a phishing technique that involves a combination of phishing ...
- PSA: Active Chase phishing scam pretends to be fraud alerts
December 23, 2020
A large scale phishing scam is underway that pretends to be a security notice from Chase stating that fraudulent activity has been detected and caused the recipient’s account to be blocked. Today, numerous people have told BleepingComputer that they received the same fake Chase “Security Notice” scam attempting to steal their banking credentials. One recipient said ...
- Emotet Returns to Hit 100K Mailboxes Per Day
December 23, 2020
After a lull of nearly two months, the Emotet botnet has returned with updated payloads and a campaign that is hitting 100,000 targets per day. Emotet started life as a banking trojan in 2014 and has continually evolved to become a full-service threat-delivery mechanism. It can install a collection of malware on victim machines, including information ...
- Phishing campaign targets organizations in COVID-19 vaccine cold chain
December 3, 2020
IBM’s cyber-security division says that hackers are targeting companies associated with the storage and transportation of COVID-19 vaccines using temperature-controlled environments — also known as the COVID-19 vaccine cold chain. The attacks consisted of spear-phishing emails seeking to collect credentials for a target’s internal email and applications. Targets of the attacks included a wide variety of companies, ...