- Hackers exploit LinkedIn messages to trick users into providing login credentials
- Phishing emails often appear as urgent job opportunities to manipulate recipients
- Fraudulent domains like “inedin[.]digital” mimic LinkedIn to gain trust
Experts have warned that hackers are increasingly exploiting LinkedIn messages to trick users into providing sensitive login information using highly realistic emails that mimic legitimate alerts.
New research from Cofense outlines how these campaigns often pose as job opportunities, leveraging urgency and curiosity to manipulate recipients into interacting with malicious links.
The attackers rely mostly on emotional triggers to bypass rational caution and gain access to accounts.
The article continues below
Attackers manipulate emotions to bypass user caution
The malicious emails often appear to come from recruiters at reputable firms, complete with convincing logos, fonts and formatting.
The research team noticed that even the smallest details are deliberately copied from authentic LinkedIn pages to create trust, with the fake domain “inedin[.]digital” that looks like the legitimate LinkedIn site.
Fraudulent sender addresses, such as “khanieteam[.]com,” are similarly designed to avoid immediate suspicion, despite having no connection to LinkedIn.
Many of the spoofed websites and email accounts were created just months or even days before attacks, demonstrating the speed with which threat actors can deploy new campaigns.
These attackers are not static; they consistently refine their technical sophistication to achieve their goals.
Cofense also reports that the campaigns are increasingly incorporating publicly available personal data, including home addresses and mapped locations, to increase credibility.
In one notable example, attackers embedded Google Maps screenshots in extortion emails, a deceptive move to convince recipients.
Personalization and automation make these campaigns both cheaper and faster to launch than traditional phishing attacks.
Cofense provided technical details, including email indicators of compromise (IOCs), lists of observed IP addresses and payload URLs, to help cybersecurity professionals detect and mitigate these schemes.
Phishing emails are often translated from other languages, such as Chinese, showing the global scope of these campaigns.
Even minimal delays in analyzing these attacks can result in compromised credentials; therefore, organizations need to implement rapid response.
Being aware of malware threats is critical as attackers often use it to harvest credentials and compromise devices.
Users are advised to remain vigilant when receiving unexpected LinkedIn notifications and should verify the authenticity of senders before clicking on links.
Cofense recommends combining human intelligence with automated threat detection to allow security teams to neutralize campaigns before widespread impact.
Regularly updated antivirus software can provide an extra layer of protection against malicious attachments and malicious links.
Security experts stress the importance of checking URLs carefully, avoiding shortcuts to login pages, and verifying communications through official channels.
A robust firewall can also help block unauthorized access and prevent attackers from exploiting system vulnerabilities.
That said, thinking twice before interacting with such emails is the most effective step against increasingly convincing phishing attacks.
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews and opinions in your feeds. Be sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, video unboxings, and get regular updates from us on WhatsApp also.
