LinkedIn becomes most impersonated brand in phishing attacks

Share
Social media sites such as LinkedIn are increasingly becoming a target for phishing attempts, according to a new Check Point report

LinkedIn has recently become the most impersonated brand when it comes to phishing attacks, according to new information from Check Point Research (CPR).

Publishing its Brand Phishing Report for Q1 2022, Check Point Research’s report highlights the brands that were most frequently imitated by cybercriminals in their attempts to steal individuals’ personal information or payment credentials during January, February and March.

Social media becomes new playground for malicious actors 

The latest report highlights an emerging trend toward threat actors leveraging social networks, now the number one targeted category ahead of shipping companies and technology giants such as Google, Microsoft and Apple. 

Social media network, LinkedIn accounted for more than half (52%) of all phishing attempts during the quarter, representing a 44% uplift from the previous quarter. LinkedIn overtook DHL as the most targeted brand, which is now in second position and accounted for 14% of all phishing attempts during the quarter.

“These phishing attempts are attacks of opportunity, plain and simple. Criminal groups orchestrate these phishing attempts on a grand scale, with a view to getting as many people to part with their personal data as possible,” said Omer Dembinsky, Data Research Group. 

As well as LinkedIn being the most targeted brand by a considerable margin, WhatsApp maintained its position in the top ten, accounting for almost 1 in 20 phishing-related attacks worldwide. 

Cyber criminals are targeting the rise of eCommerce 

Shipping is now the second most targeted category, with threat actors continuing to take advantage of the general rise in e-commerce by targeting consumers and shipping companies directly. FedEx has moved from seventh position fifth, now accounting for 6% of all phishing attempts; and Maersk and AliExpress have entered the top ten list for the first time.  

“Some attacks will attempt to gain leverage over individuals or steal their information, such as those we’re seeing with LinkedIn. Others will be attempts to deploy malware on company networks, such as the fake emails containing spoof carrier documents that we’re seeing with the likes of Maersk,” added Dembinsky.

He continued: “If there was ever any doubt that social media would become one of the most heavily targeted sectors by criminal groups, Q1 has laid those doubts to rest. While Facebook has dropped out of the top ten rankings, LinkedIn has soared to number one and has accounted for more than half of all phishing attempts so far this year.”

One of the best defences against phishing threats consists of equipping yourself and employees with knowledge of how to spot a malicious message or how to respond. Watch out for misspelled domains, typos, incorrect dates, suspicious links and other red flags that can potentially expose a malicious email or text message. LinkedIn users, in particular, should take care to consider who reaches out to them, and whether or not it’s a good idea to connect.

 

 

Share

Featured Articles

Apple's Siri: How The Most Private AI Assistant Works

After a lawsuit, Apple is eager to prioritise privacy in Siri through its on-device processing, minimal data collection and advanced security protection

How The UK’s AI Plan Will Impact The Cybersecurity Sector

The UK’s £14bn AI investment requires enhanced cybersecurity measures as Kyndryl and Vantage Data Centres prepare for infrastructure expansion

Darktrace to Acquire Cado Security in Cloud Defence Push

AI cybersecurity firm Darktrace expands its cloud investigation capabilities through purchase of Cado Security, following recent acquisition by Thoma Bravo

Sophos MDR Reports 37% Customer Growth in Cybersecurity Push

Cyber Security

Netskope Data Shows Phishing Success Rate Tripled in 2024

Cyber Security

CrowdStrike Field CTO Warns of Identity-Based Attacks Shift

Cyber Security