Security firm Symantec warned that cyber criminals have started targeting LinkedIn users by sending them fake emails claiming to be from LinkedIn support. These emails ask users to share their credentials.
Last week, It was observed that number of phishing emails have been increased. This email instruct users that they should download and follow the instructions written in mail attachment in order to secure their account. This attachment is the phishing page which looks exactly similar to the Linkedin.com. Once the user use this web page to login, credentials will be sent to the attacker.
This email uses lowercase I instead of capital i while writing ‘LinkedIn’. Differnce in the charst is indiscernible to the eye and functions as a way to evade mail filters.
Attackers used email attachment way to bypass the browser’s blacklist filter which often notify users about phising pages.
LinkedIn users must avoid these kind of emails and login only on website directly by typing linkedin.com in browser. To make your LinkedIn account more secure, users can also enable two-step verification.
Source: Symantec Blog
