LinkedIn becomes most impersonated brand in phishing attacks

Social media sites such as LinkedIn are increasingly becoming a target for phishing attempts, according to a new Check Point report

LinkedIn has recently become the most impersonated brand when it comes to phishing attacks, according to new information from Check Point Research (CPR).

Publishing its Brand Phishing Report for Q1 2022, Check Point Research’s report highlights the brands that were most frequently imitated by cybercriminals in their attempts to steal individuals’ personal information or payment credentials during January, February and March.

Social media becomes new playground for malicious actors 

The latest report highlights an emerging trend toward threat actors leveraging social networks, now the number one targeted category ahead of shipping companies and technology giants such as Google, Microsoft and Apple. 

Social media network, LinkedIn accounted for more than half (52%) of all phishing attempts during the quarter, representing a 44% uplift from the previous quarter. LinkedIn overtook DHL as the most targeted brand, which is now in second position and accounted for 14% of all phishing attempts during the quarter.

“These phishing attempts are attacks of opportunity, plain and simple. Criminal groups orchestrate these phishing attempts on a grand scale, with a view to getting as many people to part with their personal data as possible,” said Omer Dembinsky, Data Research Group. 

As well as LinkedIn being the most targeted brand by a considerable margin, WhatsApp maintained its position in the top ten, accounting for almost 1 in 20 phishing-related attacks worldwide. 

Cyber criminals are targeting the rise of eCommerce 

Shipping is now the second most targeted category, with threat actors continuing to take advantage of the general rise in e-commerce by targeting consumers and shipping companies directly. FedEx has moved from seventh position fifth, now accounting for 6% of all phishing attempts; and Maersk and AliExpress have entered the top ten list for the first time.  

“Some attacks will attempt to gain leverage over individuals or steal their information, such as those we’re seeing with LinkedIn. Others will be attempts to deploy malware on company networks, such as the fake emails containing spoof carrier documents that we’re seeing with the likes of Maersk,” added Dembinsky.

He continued: “If there was ever any doubt that social media would become one of the most heavily targeted sectors by criminal groups, Q1 has laid those doubts to rest. While Facebook has dropped out of the top ten rankings, LinkedIn has soared to number one and has accounted for more than half of all phishing attempts so far this year.”

One of the best defences against phishing threats consists of equipping yourself and employees with knowledge of how to spot a malicious message or how to respond. Watch out for misspelled domains, typos, incorrect dates, suspicious links and other red flags that can potentially expose a malicious email or text message. LinkedIn users, in particular, should take care to consider who reaches out to them, and whether or not it’s a good idea to connect.




Featured Articles

UK police cyberattack a reminder of third party risk

Cyber criminals use back-door suppliers cyberattack to spread alarm through Britain's biggest police force

Building Cyber Resilience into ‘OT in Manufacturing’ webinar

Join Acronis' webinar, Building Cyber Resilience into ‘OT in Manufacturing’, 21st September 2023

Trustwave report on hospitality industry security threats

Nearly 31% of hospitality organisations have reported a data breach in their company’s history, according to a Trustwave cybersecurity report

Barracuda Managed XDR uses AI to uncover cyber incidents

Technology & AI

Imperva: 32% of work data breaches could have been avoided

Operational Security

Supply chain cyberattacks seen as catastrophic for business

Cyber Security