Office of the Chief Information Security Officer

April 16, 2021

LinkedIn users targeted

Cybercriminals use LinkedIn’s public-facing service to collect information about LinkedIn members. This is the same information LinkedIn displays to non-members, including members’ names and job titles. Phishers are using this information to send malicious email messages to LinkedIn members under the guise of an employment opportunity.

Currently, the phishers are attaching Zip files with names that coincide with their target’s current LinkedIn job title. The Zip file contains malware designed to download additional malware packages of the phisher’s choice, including credential stealers and ransomware.

  • If you are a LinkedIn member, beware of unsolicited job offers that contain attachments or links. Any attachment, including Word documents, PDF and Zip files, can contain malware.
  • Even if the first job offer does not contain a link or attachment, be sure to verify unsolicited job offers before engaging in communication with the sender. A malicious link or attachment may be present in a subsequent message once the phisher has established a basic level of trust.
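
Mail administrators can check for the attachment naming described above at the gateway. The following Python code is an added example, not part of the original advisory: it flags Zip attachments whose file name mirrors the recipient's job title. The job title lookup, the 0.8 match threshold and the sample message are assumptions.

```python
import re
from email.message import EmailMessage
from pathlib import PurePosixPath

ARCHIVE_EXTS = {".zip"}  # the advisory names Zip files; extending this set is an assumption
STOPWORDS = {"of", "and", "the", "for", "to", "in"}

def tokens(text):
    """Split on camelCase and punctuation; return lowercase words minus filler words."""
    text = re.sub(r"(?<=[a-z0-9])(?=[A-Z])", " ", text)
    return {w for w in re.findall(r"[a-z0-9]+", text.lower()) if w not in STOPWORDS}

def title_lure_attachments(msg, job_title, threshold=0.8):
    """Return names of archive attachments whose file name mirrors job_title."""
    title = tokens(job_title)
    hits = []
    if not title:
        return hits
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        path = PurePosixPath(name.replace("\\", "/"))
        if path.suffix.lower() not in ARCHIVE_EXTS:
            continue
        # Share of job-title words that also appear in the file name
        overlap = len(title & tokens(path.stem)) / len(title)
        if overlap >= threshold:
            hits.append(name)
    return hits

def build_sample(filename):
    """Constructed sample message; addresses and body are placeholders."""
    msg = EmailMessage()
    msg["From"] = "recruiter@example.com"
    msg["To"] = "employee@example.edu"
    msg["Subject"] = "Job opportunity"
    msg.set_content("Please see the attached position details.")
    # 22-byte empty Zip archive (end-of-central-directory record only)
    msg.add_attachment(b"PK\x05\x06" + b"\x00" * 18, maintype="application",
                       subtype="zip", filename=filename)
    return msg

if __name__ == "__main__":
    title = "Senior Network Engineer"  # hypothetical result of a staff directory lookup
    for fn in ("Senior_Network_Engineer.zip", "photos.zip"):
        print(fn, "->", title_lure_attachments(build_sample(fn), title))
```

A match is a reason to quarantine the message for review, not proof of malice; a benign archive can share words with a job title.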

More information

LinkedIn Users Targeted by Spear-Phishing Campaign

Phishing online training

Emotet Malware online training

Malware and Ransomware Risk Advisory
