New Phishing Attacks Put LinkedIn Users At Risk

Social networks are platforms widely used by users. They are very present in our day to day. They are used to communicate with friends and family, stay informed, share photos or videos … However, this also makes hackers set their sights here. In this article we echo the latest trick used to attack LinkedIn users.

New attack puts LinkedIn users at risk

LinkedIn is one of the social networks with the most users in Spain. It is a platform for job search mainly. Here private users create a profile where they indicate their skills, studies, experience … At the same time that companies apply for certain positions.

New Phishing Attacks Put LinkedIn Users At Risk

Keep in mind that on a platform like LinkedIn there are many personal data that users can have. This means that in the event of a leak or attack, privacy can be seriously compromised.

What is this new hack used by hackers? They basically try to carry out Phishing attacks to steal passwords. They use decoys that consist of fictitious works. They look for information on the victim’s profile, of jobs that may be related, and they pose as a supposedly legitimate company and send a link to the information of that job.

However, as we can imagine, that link contains malware, it is a Phishing attack to steal the keys or any other threat that can compromise the privacy of users. One of the main strategies is to get the user, the ultimate victim, to download a tool known as more_eggs. It is actually a back door program, a script, that executes different functions to compromise the security of the computers.

They usually send a ZIP file through these links. That file is named after the alleged job offer. It contains an LNK file that, when run, seriously compromises the computer.

One of the most important problems is that they take care of the details. These attacks are totally personalized. They obtain information from the victim to make the attacks more credible and to better achieve their objectives.

The attackers belong to a group called Golden Chickens . They are perfecting their techniques to sneak in this backdoor, this remote access Trojan, to control victims’ computers.

Uso de LinkedIn

How to avoid falling victim to these LinkedIn attacks

It is important to take into account certain tips to avoid being victims of attacks by LinkedIn and any other social network. For example, we must always have a good antivirus that prevents the entry of malware that compromises our systems. There are many varieties of malicious software that are present on the net. It is essential to keep social media safe.

We must also keep the equipment properly updated . Many of these attacks are based on vulnerabilities that are present in the system. We must correct them and thus prevent them from being exploited by third parties.

On the other hand, common sense must be present at all times. Perhaps the most important of all. Many of the threats will require the interaction of the victim. This means that they need us to carry out the download of some file, for example.