Think Twice Before Clicking Those LinkedIn Notifications

TroyGIll
Community Manager

LinkedIn phishing remains a favorite attack vector for threat actors. Sales solicitations are so abundant on the LinkedIn platform that many users may be in the habit of clicking these notifications posthaste while weeding out the noise.

This example claimed to be a message reminder for “2 new messages” from a salesperson for Janssen Pharmaceuticals, a Johnson & Johnson company. However, the From address displayed the domain 51job[.]com, a recruitment website in China, and the message originated from servers located in Moldova.

 

The payload link leads to a generic phishing kit located at youdontcare[.]com. The kit pre-fills the recipient's email address and domain name into the site based on a string in the URL; we used someone@somewhere.com in the image example below for illustrative purposes.
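The two indicators described in this post, a sender domain that does not match the claimed brand and a link that carries the recipient's own address, can be checked mechanically. The following is an added example, not part of the original post; the trusted-domain list, the base64 check and the sample message with its `.example` domains are assumptions constructed for illustration.

```python
import base64
import re
from email import message_from_string, policy
from email.utils import parseaddr
from urllib.parse import unquote

BRAND = "linkedin"                 # brand the notification claims to come from
BRAND_DOMAINS = ("linkedin.com",)  # assumption: legitimate sender domains
URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.I)

def b64_forms(addr):
    """Unpadded standard and URL-safe base64 spellings of the address."""
    raw = addr.encode()
    return {enc(raw).decode().rstrip("=")
            for enc in (base64.b64encode, base64.urlsafe_b64encode)}

def check_notification(raw_message, recipient):
    """Return (indicator, detail) findings for one RFC 5322 message."""
    msg = message_from_string(raw_message, policy=policy.default)
    display, addr = parseaddr(str(msg.get("From", "")))
    domain = addr.rpartition("@")[2].lower()
    claimed = f"{display} {msg.get('Subject', '')}".lower()
    findings = []
    # Indicator 1: message claims the brand, sender domain is not the brand's.
    trusted = any(domain == d or domain.endswith("." + d) for d in BRAND_DOMAINS)
    if BRAND in claimed and not trusted:
        findings.append(("sender-mismatch", domain))
    # Indicator 2: a link carries the recipient's own address, which is how
    # a kit pre-fills its login form (plain, %-encoded, or base64).
    part = msg.get_body(preferencelist=("plain", "html"))
    body = part.get_content() if part is not None else ""
    for url in URL_RE.findall(body):
        decoded = unquote(url)
        if (recipient.lower() in decoded.lower()
                or any(form in decoded for form in b64_forms(recipient))):
            findings.append(("recipient-in-url", url))
    return findings

# Constructed sample message; the .example domains are placeholders.
SAMPLE = (
    "From: LinkedIn Messages <notify@jobs-mailer.example>\n"
    "To: someone@somewhere.com\n"
    "Subject: You have 2 new messages\n"
    "\n"
    "View messages: https://kit.example/auth#someone@somewhere.com\n"
)

if __name__ == "__main__":
    for finding in check_notification(SAMPLE, "someone@somewhere.com"):
        print(finding)
```

The base64 check only matches when the address is encoded on its own, so a hit is a strong signal but a miss does not clear the link.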

 

 
