New research has shown LinkedIn as the most frequently impersonated brand used in phishing attacks, with more than 52% of incidents worldwide using LinkedIn’s likeness.
Cybersecurity company Check Point reported last year that LinkedIn was the fifth-most impersonated brand in Q4, accounting for 8% of incidents. The company’s latest figures show LinkedIn has moved to the top of the list.
This is the first time a social media brand has been the most impersonated, marking a shift by scammers away from shipping companies and tech giants; WhatsApp also appears in the top 10. The full top 10 is as follows (credit: Check Point):
- LinkedIn (relating to 52% of all phishing attacks globally)
- DHL (14%)
- Google (7%)
- Microsoft (6%)
- FedEx (6%)
- WhatsApp (4%)
- Amazon (2%)
- Maersk (1%)
- AliExpress (0.8%)
- Apple (0.8%)
Check Point say a typical brand phishing attack involves criminals who “try to imitate the official website of a well-known brand by using a similar domain name or URL and web-page design to the genuine site”. They say the link to the fake site “can be sent to targeted individuals by email or text message, a user can be redirected during web browsing, or it may be triggered from a fraudulent mobile application”. Once on the site, users may see “a form intended to steal users’ credentials, payment details or other personal information”.
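The technique Check Point describes, a look-alike domain carrying a listed brand's name, can be screened for in inbound links. The following is an added example (not Check Point's or LinkedIn's code): a small Python heuristic that flags hostnames which contain a top-10 brand name outside the brand's genuine domain, or whose registrable name is within a couple of edits of a brand; the genuine-domain mapping and the test URLs are assumptions constructed for the example.

```python
# Added example: flag URLs whose host imitates a brand from the Check Point top 10.
# Hypothetical detection helper; the genuine domains below are assumptions.
from urllib.parse import urlparse

BRAND_DOMAINS = {
    "linkedin": "linkedin.com", "dhl": "dhl.com", "google": "google.com",
    "microsoft": "microsoft.com", "fedex": "fedex.com", "whatsapp": "whatsapp.com",
    "amazon": "amazon.com", "maersk": "maersk.com", "aliexpress": "aliexpress.com",
    "apple": "apple.com",
}

# Digit/symbol substitutions commonly used to make a domain read like a brand name.
HOMOGLYPHS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "7": "t", "|": "l"})


def edit_distance(a, b):
    """Classic Levenshtein distance between two strings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def lookalike_findings(url):
    """Return a list of (brand, reason) pairs for hosts that imitate a listed brand.

    This is a heuristic: it will miss some look-alikes and can flag innocent names
    (e.g. a word that happens to contain a short brand), so treat hits as leads."""
    host = (urlparse(url).hostname or "").lower().rstrip(".")
    labels = host.split(".")
    registrable = ".".join(labels[-2:])  # naive eTLD+1; adequate for the .com brands above
    core = registrable.split(".")[0].translate(HOMOGLYPHS)
    findings = []
    for brand, genuine in BRAND_DOMAINS.items():
        if host == genuine or host.endswith("." + genuine):
            continue  # the genuine site or a real subdomain of it
        if brand in host.translate(HOMOGLYPHS):
            findings.append((brand, "brand name inside a non-brand domain"))
            continue
        limit = 1 if len(brand) <= 5 else 2  # short brands get a tighter threshold
        if edit_distance(core, brand) <= limit:
            findings.append((brand, "registrable domain within edit distance of brand"))
    return findings
```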
It is likely that LinkedIn has risen sharply on the list as scammers attempt to access the accounts and steal the data of employees of prominent companies and high-interest individuals. North Korean hackers have previously used the platform as part of a “spear-phishing” campaign in which they targeted cryptocurrency organisations with fake job offers, which proved to be very effective: they stole $571 million between 2017 and 2018.
The company provided an example of a fake LinkedIn login portal which closely resembles that of the official site:
They stressed that users of services from companies included on the list should be vigilant when opening emails purporting to be official, especially when divulging personal data and credentials.