SECURITY EVANGELIST

There’s a new LinkedIn scam doing the rounds, involving phishing emails and a fake website designed to harvest the information you have in your CV.

How the scam starts: the phishing email

In the first stage of the scam, you receive a phishing email disguised as a LinkedIn email.

Here are just a few of the giveaways that this is a phishing email:

  • Wrong sender name. Instead of it being “LinkedIn”, it’s “linkedin”.
  • The email sender address doesn’t make any sense. For the most part, emails from LinkedIn should end in “@linkedin.com”, such as “jobs-listings@linkedin.com” or “invitations@linkedin.com”.
  • The urgent tone of the email. Phishing emails want to stop you from critically analyzing their contents by making it seem like the offer could expire at any moment, so you should act as soon as possible.
  • The design of the email. LinkedIn offers a lot of information about the job listing within its newsletter, alongside mentions of connections and such.

  • It doesn’t have a correct LinkedIn footer. Normally, a legitimate footer from a big company contains an Unsubscribe / Help button, corporate branding, copyright protection and address.

Harvesting information from your CV

Clicking either of the two links in the spam email will send you to https://linkedinjobs (dot) jimdo (dot) com.

We scanned the link with VirusTotal, and most of the security solutions found it to be clean, with the exception of a less well known scanner, AutoShun.

Clicking on the website itself will take you to a simple page, where the main focus falls on a form for uploading your CV.
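The giveaways listed above and the lookalike host can be turned into a simple triage check. This is an added example, not code from the original article; the keyword lists, the sample messages and their `.example` hosts are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

BRAND_DOMAIN = "linkedin.com"
# Assumption: short illustrative lists, not LinkedIn's or the article's own.
URGENCY = ("act now", "expires", "as soon as possible", "last chance")
FOOTER_MARKERS = ("unsubscribe", "©")

# Constructed samples (reserved .example hosts), single-part plain text.
PHISH = (
    "From: linkedin <jobs@mail.example>\n"
    "Subject: Job offer\n\n"
    "A recruiter wants to hire you. Act now, the offer expires today!\n"
    "Apply: https://linkedinjobs.hosting.example/upload-cv\n"
)
LEGIT = (
    "From: LinkedIn <jobs-listings@linkedin.com>\n"
    "Subject: Jobs for you\n\n"
    "3 connections work here: https://www.linkedin.com/jobs/view/123\n"
    "Unsubscribe | Help\n© LinkedIn Corporation\n"
)

def under_domain(host, domain):
    """True only for the domain itself or a real subdomain of it."""
    host = (host or "").lower().rstrip(".")
    return host == domain or host.endswith("." + domain)

def triage(raw_email):
    """Return the giveaways found in a message claiming to be from LinkedIn."""
    msg = message_from_string(raw_email)
    name, addr = parseaddr(msg.get("From", ""))
    # Undecoded text of every leaf part; enough for plain-text mail.
    body = "\n".join(p.get_payload() for p in msg.walk() if not p.is_multipart())
    lower, findings = body.lower(), []
    if "linkedin" in name.lower() and "LinkedIn" not in name:
        findings.append("sender-name")        # brand written with wrong case
    if not under_domain(addr.rpartition("@")[2], BRAND_DOMAIN):
        findings.append("sender-domain")      # not @linkedin.com
    if any(k in lower for k in URGENCY):
        findings.append("urgent-tone")
    if not all(m in lower for m in FOOTER_MARKERS):
        findings.append("footer-missing")
    for url in re.findall(r"https?://[^\s\"'<>]+", body):
        host = urlparse(url).hostname or ""
        if "linkedin" in host.lower() and not under_domain(host, BRAND_DOMAIN):
            findings.append("lookalike-host:" + host)  # brand in a foreign domain
    return findings
```

The suffix comparison in `under_domain` is what catches a brand name placed in a subdomain of someone else's site, which a plain substring search for "linkedin" would accept.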

Why would a cybercriminal want your CV?

Your CV contains a wealth of personal data which a cybercriminal uses to make a profit at your expense.

Phone numbers can be sold to companies doing promotional cold calling. Or, the cybercriminal might call you himself in a vishing attack.

In other cases, he might use the information for identity theft, using the companies you worked at or attached references as a cover for fraudulent activities.

Another frequently seen scam is one in which you do actual work, but only as part of a trial period. In these situations, the “employer” will fire you a few days before your first paycheck is due, which is exactly what happened to Beverly, who ended up working for a company she thought was legitimate, only to find in the final week that it wasn’t, and no salary would arrive.

Sometimes, however, the attacker targets a company you worked at (or a future company you want to work for). Using the information found within your CV, the attacker might impersonate you in order to launch spear phishing emails against people in those companies, such as the CEO or the accounting department, in order to illegally obtain funds or money transfers.

In 2016 for instance, the CEO of an Austrian airplane component manufacturer was fired after he got tricked by a spear phishing attack that led him to transfer around 40 million euros to the scammer’s account.

Report these scams and phishing emails

This isn’t the first time LinkedIn has been used as a cover for a phishing campaign. Another similar situation was encountered in 2016, which we also covered.

It’s difficult (if not impossible) for companies alone to prevent these scams from taking place. In these cases, users too should contribute to keeping the Internet safe.

In cases involving LinkedIn, the best course of action is to report these to the company:

  • phishing@linkedin.com is for phishing messages you receive directly in your LinkedIn account.
  • safety@linkedin.com is for phishing emails you receive in your email inbox, from someone pretending to be LinkedIn.

LinkedIn itself also offers a thorough set of tips and advice on how to recognize various scams over the network, such as inheritance or dating scams.

To summarize

When you’re actively searching for a job, being offered one in such a compelling tone might seem appealing. Because you expect to receive such messages (indeed, you welcome them) you’re tempted to let your guard down, and that’s exactly when a scammer strikes.

If you want to know more about phishing, and how to prevent it, we recommend you check out our dedicated article on the subject and also our guide on improving LinkedIn security.

  • Security Alert: LinkedIn Phishing Campaign Pretends to Care for Your Security (2016.11.04)
  • Follow These 10 Easy Steps to Enhance your LinkedIn Security and Privacy [Updated] (2016.06.08)
  • The ABCs of Detecting and Preventing Phishing (2015.12.23)

Comments

Thanks for the above article you can get more information on security jobs scam on https://www.sjc123.co.uk/

I adore meeting utile info, this post has got me even more info!

Thank you for your feedback! Glad to know it was helpful!

I have read so many articles about the blogger lovers
but this post is really a good article, keep it up.

I couldn’t refrain from commenting. Very well written!

Beware the phishing scam. More and more likely. Know your email source.

Thank you for this informative article. I tell as many clients and people as much as I can about letting your guard down. Folks just do not realize that if there is a vulnerability out there, these people will find a way to squeeze through the crack and get you. Shame. I love this blog. Keep up the awesome work!

Thank you so much for the lovely feedback, Joel! And thanks again for taking the word about cyber security awareness farther!
