Why You Should Be Cautious About Emails From ‘LinkedIn’

The social media site featured in over half of all global phishing attacks that took place in the first three months of 2022.
Aaron Drapkin

LinkedIn has officially become the most impersonated brand used in phishing attacks, according to a new report from cybersecurity firm Check Point.

The phenomenon suggests that scammers are pivoting toward targeting wealthy, powerful professionals working for profitable businesses.

The news is a grim reminder that there’s never been a better time to bolster your company’s security defenses with antivirus software – many of the top providers now offer built-in email scanners

Don’t Click on Anything That’s LinkedIn the Email

According to Check Point’s Q1 2022 Brand Phishing Report, LinkedIn was impersonated in 52% of global phishing attacks in the first quarter of this year, more than any other brand.

This is a massive change from the final three months of 2021, within which LinkedIn was the fifth-most common brand for phishing scammers to impersonate, accounting for 8% of attacks.

German courier service DHL – which was the second most impersonated brand in phishing attacks – accounted for just 14% by comparison. Google (7%), Microsoft (6%), Whatsapp (4%), and Amazon (2%) joined DHL in the top 10.

Some of the phishing scams identified by Check Point used LinkedIn’s official logo and others provided victims with a link to a page that looks exactly like LinkedIn’s homepage.

What does this data tell us?

The pivot to LinkedIn over consumer services like delivery companies is likely down to two key reasons. Firstly, Linkedin is a social media platform. Hacking into someone’s social media opens up different possibilities than, say, someone’s DHL account.

From a Scammer's perspective, gaining access to Social Media Account – especially one owned by a businessman – could open up endless possibilities for more fraud.

Control of a social media account would allow a scammer to message hundreds of other individuals and contains reams of personal information like birth dates, phone numbers, and other personal details that could be used to bypass security questions on other sites.

But Linkedin popping up in more phishing attacks than ever before also suggests that threat actors are increasingly moving towards “spear-phishing” – targeting specific, high-profile targets in high stakes, high reward scams – and away from phishing regular internet users.

How can I Protect My Business from Phishing Attacks?

In order to protect yourself from Phishing, you need a two-pronged attack: software and training. Both are equally as important as one another, but for completely different reasons.

Although a phishing attack doesn’t have to be malware-based, many of them are. So, antivirus software is a great place to start because it will detect and block malicious content if it's being loaded onto your computer without your knowledge.

Plus, the best antivirus software for business nowadays will come with a built-in email scanner to flag suspicious emails for you and give everyone in your company a helping hand in avoiding danger.

For phishing attacks that do not involve malware, you’re going to have to regularly train staff to spot the tell-tale signs that an email is a scam. Training may also involve novel techniques to improve understanding such as simulated phishing attempts.

Phishing attacks are only going to get more sophisticated, but using the tools and resources you have at your disposal will ensure you have the best chance of avoiding them.

Did you find this article helpful? Click on one of the following buttons
We're so happy you liked! Get more delivered to your inbox just like it.

We're sorry this article didn't help you today – we welcome feedback, so if there's any way you feel we could improve our content, please email us at contact@tech.co

Aaron Drapkin is a Senior Writer at Tech.co. He has been researching and writing about technology, politics, and society in print and online publications since graduating with a Philosophy degree from the University of Bristol three years ago. As a writer, Aaron takes a special interest in VPNs and project management software. He has been quoted in the Daily Mirror, Daily Express, The Daily Mail, Computer Weekly, and the Silicon Republic speaking on various privacy and cybersecurity issues, and has articles published in Wired, Vice, Metro, The Week, and Politics.co.uk covering a wide range of topics.

Explore More See all news
close Thinking about your online privacy? NordVPN is Tech.co's top-rated VPN service See Deals