LinkedIn Tops The List for Phishing Attacks Globally: Report
News

LinkedIn Tops The List for Phishing Attacks Globally: Report

Check Point Research (CPR) urges LinkedIn users to watch out for suspicious emails, as it releases its 2022 Q1 Brand Phishing Report. The report highlights the brands that hackers most often imitated in the first three months of this year, in order to lure people into giving up their personal data. LinkedIn placed at the top for the first time, marking 52% of all phishing attacks globally.

It represents a dramatic, 44% uplift from the previous quarter, when LinkedIn was in fifth position and related to only 8% of phishing attempts. CPR’s latest report points to an emerging trend toward threat actors leveraging social networks, now the number one targeted category ahead of shipping companies and technology giants such as Google, Microsoft and Apple.

  • WhatsApp maintained its position in the top ten, accounting for almost onein 20 phishing-related attacks worldwide.
  • Shipping is now the second most targeted category
  • CPR provides two visual examples of brand phishing attempts caught: LinkedIn and Maersk

Check Point Research (CPR) issued its 2022 Q1 Brand Phishing Report. The report highlights the brands that were most frequently imitated by cybercriminals in their attempts to steal individuals’ personal information or payment credentials during January, February and March. 

What is a Brand Phishing Attack?

In a brand phishing attack, criminals try to imitate the official website of a well-known brand by using a similar domain name or URL and web-page design to the genuine site. The link to the fake website can be sent to targeted individuals by email or text message, a user can be redirected during web browsing, or it may be triggered from a fraudulent mobile application. The fake website often contains a form intended to steal users’ credentials, payment details or other personal information.

Top 10 List

Below are the top brands ranked by their overall appearance in brand phishing attempts:

  1. LinkedIn (relating to 52% of all phishing attacks globally)
  2. DHL (14%)
  3. Google (7%)
  4. Microsoft (6%)
  5. FedEx (6%)
  6. WhatsApp (4%)
  7. Amazon (2%)
  8. Maersk (1%)
  9. AliExpress (0.8%)
  10. Apple (0.8%)

LinkedIn Surfaces to the top for the First Time

Social media network, LinkedIn, dominated the rankings for the first time ever, accounting for more than half (52%) of all phishing attempts during the quarter. This represents a dramatic 44% uplift from the previous quarter, where the professional networking site was in fifth position accounting for only 8% of phishing attempts. LinkedIn overtook DHL as the most targeted brand, which is now in second position and accounted for 14% of all phishing attempts during the quarter.

Quote: Omer Dembinsky, Data Research Group Manager at Check Point Software

“These phishing attempts are attacks of opportunity, plain and simple. Criminal groups orchestrate these phishing attempts on a grand scale, with a view to getting as many people to part with their personal data as possible. Some attacks will attempt to gain leverage over individuals or steal their information, such as those we’re seeing with LinkedIn. Others will be attempts to deploy malware on company networks, such as the fake emails containing spoof carrier documents that we’re seeing with the likes of Maersk. If there was ever any doubt that social media would become one of the most heavily targeted sectors by criminal groups, Q1 has laid those doubts to rest. While Facebook has dropped out of the top ten rankings, LinkedIn has soared to number one and has accounted for more than half of all phishing attempts so far this year. The best defense against phishing threats, as ever, is knowledge. Employees in particular should be trained to spot suspicious anomalies such as misspelled domains, typos, incorrect dates and other details that can expose a malicious email or text message. LinkedIn users in particular should be extra vigilant over the course of the next few months.”

Cyber Safety Tips

  1. Be cautious when divulging personal data and credentials to business applications or websites
  2. Think twice before opening email attachments or links, especially emails that claim to be from companies such as LinkedIn or DHL, as they are currently the most likely to be impersonated
  3. Look for misspellings in emails
  4. Beware of urgent requests, such as change your password now

Example A: LinkedIn Imitation

In this phishing email, we see an attempt to steal a user’s LinkedIn account information. The email, which was sent from the email address “LinkedIn (smtpfox-6qhrg@tavic[.]com[.]mx)”, contained the subject “M&R Trading Co., Ltd. The attacker was trying to lure the victim to click on a malicious link, which redirects the user to a fraudulent LinkedIn login page.

Example B: Maersk Imitation

During the first quarter of 2022, CPR observed a malicious phishing email that used Maersk’s branding and was trying to download the Agent Tesla RAT (Remote Access Trojan) to the user’s machine. The email, which was sent from a webmail address and spoofed to appear as if it was sent from “Maersk Notification (service@maersk[.]com)”, contained the subject, “Maersk : Verify Copy for Bill of Lading ready for verification.”. The content asked to download an excel file “Transport-Document”, that would cause the system to be infected with Agent Tesla. Agent Tesla is a known spyware focused on stealing sensitive information from a victim’s device, such as saved application credentials, keyboard inputs (keylogger).

Check Point Research
Check Point Software
LinkedIn App

Related Stories

No stories found.
logo
DIGITAL TERMINAL
digitalterminal.in