A new phishing scam has been launched on the digital networking platform LinkedIn. This Scam Going viral fast. This time cyber fraudsters are not targeting common users but senior executives and business leaders of the finance sector. Scammers are trying to steal people’s Microsoft login credentials via LinkedIn direct messages instead of using the old email method. Let’s know in detail how this scam works and how people are being cheated.
The fun of listening to songs will be doubled now! These subscribers will get free access to Apple Music for 4 months, know more
Cyber security firm Push Security has disclosed this high-risk LinkedIn phishing campaign. According to the report, scammers create a professional and genuine-looking profile on LinkedIn. The scammers then send a user an exclusive invitation to join a fake board called a Commonwealth Investment Fund. “We invite you to join the Executive Board of our new Commonwealth Investment Fund launching in South America,” is the kind of invitation scammers send to users. This invitation sounds very professional to hear and read, which makes many senior people consider it a golden opportunity for their career. Once the user accepts this invitation, the real game begins. (Photo Courtesy – Pinterest)
Scammers include a link in the invitation sent to the user. After clicking on this link, the user is already redirected to Google Search. It is then routed to a scammer-controlled site and finally to a fake Microsoft login page. This page looks exactly like the real Microsoft sign-in screen. When users enter their email and password on this page, their entire information goes directly to cyber scammers. That means one click can put your entire corporate account and data at risk.
According to Push Security, hackers are now using highly advanced technology. They are using security technologies like CAPTCHA and Cloudflare Turnstile, so that security bots won’t scan their site and it won’t block the site either.
A new chapter begins… Maharashtra will become India’s first Starlink state! Villagers will also get high-speed internet experience
According to the report, phishing campaigns are not limited to emails anymore. Scammers are now gearing up to scam people through social media as well. This attack is especially dangerous on professional networks like LinkedIn. Because corporate accounts and business data are widely available here. Push Security warned, “Even if this attack is on a ‘personal’ app like LinkedIn, it could allow hackers to gain access to important accounts at companies and services like Microsoft and Google.”
