The phishing email pretended to be sent by the country’s postal service, Slovenská pošta, announcing to the receiver that there is a remaining shipment cost to pay.
Using email header trickery, the address appears legitimate to the recipient, but if examined closely, it becomes clear that the sender is actually “firstname.lastname@example.org”, entirely unrelated to the postal service.
The value of the shipping cost mentioned in the bogus email is €2.99, but the real purpose of this campaign is to steal victim’s credit card details like:
The name of the cardholder
Visitors who enter the information and click on “submit” will be informed that their payment has been received and eventually redirected to a final SMS code confirmation page with the sole purpose of sprinkling legitimacy in the process.
LinkedIn representatives have declared for BleepingComputer that they “work to take action against those who attempt to harm LinkedIn members through phishing.”, and encourage users to protect themselves by adopting basic cybersecurity measures like two-steps authentication and a strong password.
Andreea is a digital content creator within Heimdal® with a great belief in the educational power of content. A literature-born cybersecurity enthusiast (through all those SF novels…), she loves to bring her ONG, cultural, and media background to this job.