LinkedIn has been the most imitated brand by the hackers to execute cyber-attacks in the first three months of this year accounting for 52% of all phishing attacks globally, stated a report by Checkpoint.
“It represents a dramatic, 44% uplift from the previous quarter when LinkedIn was in the fifth position and related to only 8% of phishing attempts,” it said.
According to Checkpoint, in a brand phishing attack, criminals try to imitate the official website of a well-known brand by using a similar domain name or URL and web-page design to the genuine site. The link to the fake website can be sent to targeted individuals by email or text message, a user can be redirected during web browsing, or it may be triggered from a fraudulent mobile application. The fake website often contains a form intended to steal users’ credentials, payment details or other personal information.
Checkpoint’s report points to an emerging trend toward threat actors leveraging social networks, now the number one targeted category ahead of shipping companies and technology giants such as Google, Microsoft and Apple.
WhatsApp maintained its position in the top ten, accounting for almost one in 20 phishing-related attacks worldwide.
LinkedIn dominated the rankings for the first time ever representing a dramatic 44% uplift from the previous quarter, where the professional networking site was in fifth position accounting for only 8% of phishing attempts. LinkedIn overtook German logistics company DHL as the most targeted brand, which is now in the second position and accounted for 14% of all phishing attempts during the quarter.
“While Facebook has dropped out of the top ten rankings, LinkedIn has soared to number one and has accounted for more than half of all phishing attempts so far this year,” said Omer Dembinsky, Data Research Group Manager at Check Point Software.
Talking about the remedies against such attacks, Dembinsky said that the best defence against phishing threats, as ever, is knowledge. Employees, in particular, should be trained to spot suspicious anomalies such as misspelt domains, typos, incorrect dates and other details that can expose a malicious email or text message.
LinkedIn users, in particular, should be extra vigilant over the course of the next few months, he suggested.