LinkedIn Phishing Scams - What you need to know

From: connections@linkedin.com

Subject: You have a new connection request from Jessica Gomez!

It was nice to meet you . I'd like to connect with you on LinkedIn.

- Jessica

Jessica Gomez
Managing Director at RHPW Consulting

View Profile

Hover over the indicators in red to learn the indicators of a phish.

Fake LinkedIn connection invitations are a common phishing technique. Cybercriminals create enticing profiles and even pose as recruiters to grab your attention. You could also get a bogus email confirming a new connection request.

Remember:

Only accept connection requests from people you know. Once someone is part of your network, they can see your information and can send you a personalized message with malware.
Update your privacy settings. Review your settings to see what information is publicly available and whether connections can see your email address.

From:

Subject: Nadisha wants to place order with you via LinkedIn

Nadisha would like to stay in touch on LinkedIn

Owner, nagts.org
Franceß

Thank for your attention.

Please quote our new order of 10,000pcs,delivery terms and terms

of payment ...

Nadisha

You received an invitation to connect. LinkedIn will use your email address to make suggestions to our members in features like People You May Know. Unsubscribe

This email was sent to user.

If you need assistance or have questions, please contact LinkedIn Customer Service

Hover over the indicators in red to learn the indicators of a phish.

Purchase orders, invoices, and requests for quotes continue to be popular narratives in phishing emails. Always follow company policies, and be wary of unusual requests that do not follow company policies.

Remember:

Look at the domain name. For example, if the target company’s domain was www.example.com, the phishers may register “examp1e.com” or “example.co.”
Always verify. If you know the sender, verify with a quick phone call.

From: security@linkedin.com

Subject: LinkedIn Security Alert

We think that your LinkedIn account or you signed in from another computer or device recently.

When this happens, we require you to verify your identity with a security challenge.

your LinkedIn account follow the link below to verify now.

Please Note its nothing to get alarmed About, this is just a measure.

Thank you

Hover over the indicators in red to learn the indicators of a phish.

Cybercriminals often appeal to emotions of fear and urgency with email narratives like “Account Access Blocked” or “Someone Accessed Your Account”. Use caution if you receive an urgent email about account status.

Remember:

Use a different password for every account. Keep track of your passwords with a password manager application.
Set up multi-factor authentication (MFA). Strengthen the security of your account by setting up MFA wherever it is offered.

From:LinkedIn

Subject: LinkedIn Job Openings

Job openings for active LinkedIn users

. They are interested on your qualifications base on ur recommendation. Your email address has been updated in our recruitment database & please we are waiting for your CV and Cover letter.

If the button doesn't work, you can click here. This is the best place you need to send your CV now.

2018 LinkedIn Corporation

Hover over the indicators in red to learn the indicators of a phish.

Job opportunities are a common phishing lure. Be wary of unexpected emails mentioning a job offer or fake job applications with attached resumes or cover letters.

Remember:

If it seems too good to be true, it likely is. Read emails thoroughly and be wary of words like “Caution” and “Urgent”, which draw your attention and make you act quickly.
Bookmark frequently-visited websites. Instead of clicking links in emails, navigate to trusted sites by using bookmarks.