Cyber criminals targeting LinkedIn users, says Symantec

By: |
New Delhi | Published: January 19, 2015 8:01:07 PM

Cybercriminals are now targeting LinkedIn users by scamming them into sharing their credentials by sending out mails claiming...

Founded in 2003, LinkedIn has over 300 million members globally, of which more than 26 million users are in India. (Reuters)Founded in 2003, LinkedIn has over 300 million members globally, of which more than 26 million users are in India. (Reuters)

Cyber criminals are now targeting LinkedIn users by scamming them into sharing their credentials by sending out mails claiming to be from the support team of the world’s largest professional networking firm, security software firm Symantec warned today.

Founded in 2003, LinkedIn has over 300 million members globally, of which more than 26 million users are in India (as of June 2014).

Symantec said that over the last week it has observed an increase in phishing emails claiming to be from the US-based firm’s support team.

No immediate response was available from LinkedIn.

“The body of the email claims that irregular activities have prompted a ‘compulsory security update’ for the recipients’ LinkedIn account,” Symantec said.

The email goes on to say that in order to secure their account, the recipient needs to download the attached form (an HTML attachment) and follow the instructions, it added.

The attachment is a copy of the real LinkedIn.com website, it said.

“However, the website’s source has been modified, so if the recipient uses this web page to sign in to their LinkedIn account, their credentials will be sent directly to the attacker,” Symantec warned.

The email uses a lowercase ‘i’ to spell LinkedIn, instead of capital ‘I’ as used by the “The difference in characters is indiscernible to the eye and functions as a way to evade mail filters. Also, the HTML attachment method bypasses browser blacklists that often flag suspicious websites to help prevent users from being phished,” Symantec said.

The security firm said LinkedIn users should consider turning on two-step verification as this would prevent an attacker to access the account even if a user’s credentials are compromised.

Get live Stock Prices from BSE and NSE and latest NAV, portfolio of Mutual Funds, calculate your tax by Income Tax Calculator, know market’s Top Gainers, Top Losers & Best Equity Funds. Like us on Facebook and follow us on Twitter.