The anatomy of the Linkedin phishing scam
Be on the alert for a new Linkedin phishing scam circulating through business and personal email accounts. The goal of this email is the same as with all scams of this type. The scammer is trying to get personal information such as a birth date and Social Security Number or financial information such as a credit card or bank account number from unsuspecting consumers. This information will be used for identity theft or other fraud schemes.
Below is a copy of the Linkedin Email. Let’s break it down into its “phishy” components to understand why this email is a fake.
Subject Line: Linkedin Update,
Dear Linkedin User
Due to the recent upgrade in linkedin you have to upgrade your account to keep using linkedin or your account will be terminated.
In order to login click the link below (http://trivialsalgad…..) to login and wait for responds from linkedin. We apologies for any inconvenience and appreciate your understanding.
Here are the basic elements of this scam:
- This was an unsolicited email.
- Note the Subject Line. It’s very vague.
- The Salutation is generic. Legitimate companies will personalize email communications to their customers, especially if it concerns account issues.
- The use of fear and threats (of account termination) if the recipient doesn’t act immediately.
- What looks like a link to the Linkedin Login page, is actually a link to a malicious website that will capture login information and use it for identity theft. It may also download malware onto your computer. The actual link (truncated for safety) is revealed below. The country of origin was Brazil and the link went to a login webpage.
- Blatant grammatical errors throughout the email.
Pay attention to these tell-tale signs, before you become a victim to the next phishing scam. If you believe that your personal Linkedin account has been compromised, go to the Linkedin Safety Center.