This is security advisory for our readers who have LinkedIn accounts. We have been made aware of a phishing email scam that is targeting LinkedIn users. Scroll down to read more about this.
Users of the popular business-oriented social networking service LinkedIn are apparently receiving emails that seem to be from LinkedIn support. In these emails, the recipient is informed about “irregular activities” in their account, because of which a compulsory security update is required. To do so, the user is advised to download an HTML file (attached in the email).
The Real Story!
These emails are fake and are part of a pretty old phishing email scam. If you click the html file, it will redirect you to a fake website that looks like the actual LinkedIn login page. Any login information you give on this page will be transmitted directly to the attacker, who will then hijack your account.
Below is a sample of the phishing email that seems to have been sent by LinkedIn support:
Tips to Avoid Phishing Email Scams
To ensure that you don’t fall into such phishing traps, here are some simple measures you can take:
LinkedIn’s has an official page that has listed out helpful tips on how to identify a fraudulent or phishing email. You can read about them here.