LinkedIn Phishing Spoof Bypasses Google Workspace Security
A credential-stealing attack that spoofed LinkedIn and targeted a national travel organization skates past DMARC and other email protections.
A phishing email purportedly from LinkedIn with the subject line "We noticed some unusual activity" was discovered targeting users at a travel organization, in an attempt to pilfer their credentials on the social-media platform.
The phishing campaign slipped past Google's email security controls after cheating email authentication checks via SFP and DMARC, according to Armorblox, whose email security system at the victim organization found and stopped the attack pointed at some 500 user inboxes.
"The main call-to-action button (Secure my account) included within the email contains a bad URL and took victims to a fake landing page. This fake landing page ... mimicked a legitimate LinkedIn sign in page that included LinkedIn logos, language, and illustrations that mirrored true LinkedIn branding," Armorblox wrote in a post about the attack campaign.
About the Author
You May Also Like
DevSecOps/AWS
Oct 17, 2024Social Engineering: New Tricks, New Threats, New Defenses
Oct 23, 202410 Emerging Vulnerabilities Every Enterprise Should Know
Oct 30, 2024Simplify Data Security with Automation
Oct 31, 2024