I’ve received a number of messages on LinkedIn over the last 24 hours that rang alarm bells. At first glance they looked like ordinary notes from my contacts, but then I noticed they were all asking me to click on an unfamiliar link:
I had our MailGuard team look at the link, and run it through our systems. Sure enough, the link in the message opened a fake Dropbox login page, which asked for credentials. See screenshot below:
Of course, if I had clicked on the link and logged into the fake Dropbox page - as many people naturally would - my password would have been stolen by the criminals running this scam.
All the LinkedIn accounts sending these malicious messages appear to have been hacked. So, I want to share this incident with all of you as a reminder to be careful with links in messages, whether they be emails, or on social media like LinkedIn. Just because you trust the platform - LinkedIn is certainly a trustworthy company - doesn’t mean you can always trust the messages you get. Criminals can seize control of accounts using malware - as they probably did in this instance - and send out bogus messages designed to snare people into giving up their information. They get past our defences by manipulating the trust we have for our social media apps and our contacts.
If you’ve received a message like this recently, please let the person whose account sent it to you know, so they can take steps to eliminate the malware on their system.
Similarly, if you know your account has been hacked, or you have received this kind of message, it’s very important to let everyone in your network know about it. Communication and transparency is a big part of combatting cybercrime fraud like this.
Join in the Cybersecurity Conversation:
I look forward to hearing about your experiences and offering any advice I can.
If you’ve seen suspicious activity like this in your account let us know in the comments, below.
Please remember: think before you click.
Protect Your Inboxes
All criminals need to break into your business is a cleverly worded email or social media message; if they can trick one person in your company into clicking on a malicious link they can gain access to your data.
For a few dollars per staff member per month, you can protect your business with MailGuard's cloud-based email and web filtering security.
Talk to an expert at MailGuard today about making your company's network secure: click here.
Stay up-to-date with new posts on the MailGuard Blog by subscribing to free updates. Click on the button below: