For the second quarter in a row, LinkedIn is the most imitated brand in phishing attacks, according to Check Point.

Some 45% of all phishing attempts were spoofs of LinkedIn. Rounding out the top 5:

  • Microsoft (13%)
  • DHL (12%)
  • Amazon (9%)
  • Apple (3%)

Impersonation attacks work because they look close to the real thing. End-users are accustomed to receiving emails from LinkedIn or other popular brands. If they don't do a close inspection, however, they won't notice that the URL is different or the sender address is amiss.

Here's one example:

A user might be tempted to click on this link. However, the URL has nothing to do with LinkedIn: https://lin882[.]webnode[.]page/

It then leads to this fake login page:

Whenever you receive an email from a brand, always do the following:

  • Hover over the URL. If it's different from the brand name, stay away.
  • Hover over the sender address. If it's different from what you'd expect, stay away.
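
The same two checks can be automated in a mail filter or triage script. The following is an added example, not from Check Point or the original post: the `BRAND_DOMAINS` allowlist, the function names, and the sample sender addresses are assumptions made for illustration.

```python
from email.utils import parseaddr
from urllib.parse import urlsplit

# Assumption: the domains the brand legitimately uses; maintain this list yourself.
BRAND_DOMAINS = {"linkedin": {"linkedin.com"}}


def refang(text: str) -> str:
    """Undo the common defanging used when sharing suspicious indicators."""
    return text.replace("[.]", ".").replace("hxxp", "http")


def host_belongs_to(host: str, brand: str) -> bool:
    """True only if host is a brand domain or a subdomain of one."""
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in BRAND_DOMAINS[brand])


def link_matches_brand(url: str, brand: str) -> bool:
    # urlsplit isolates the real hostname, so "linkedin.com@other.example"
    # and "linkedin.com.other.example" are both judged on the actual host.
    return host_belongs_to(urlsplit(refang(url)).hostname, brand)


def sender_matches_brand(from_header: str, brand: str) -> bool:
    # The display name is free text; only the address domain is checked.
    _name, addr = parseaddr(from_header)
    return host_belongs_to(addr.rpartition("@")[2], brand)


if __name__ == "__main__":
    # The first URL is the one quoted above; the rest are constructed samples.
    for url in ("https://lin882[.]webnode[.]page/",
                "https://www.linkedin.com/feed/",
                "https://linkedin.com.login.example/"):
        print(link_matches_brand(url, "linkedin"), url)
    for sender in ("LinkedIn <notice@lin882.example>",
                   "LinkedIn <updates@linkedin.com>"):
        print(sender_matches_brand(sender, "linkedin"), sender)
```

A matching sender domain only shows what the From header claims; it does not prove the message was authenticated.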