LinkedIn Hackers are Targeting Pro Users in Italy and France
Forget about phishing, enter LinkedIn hackers! cybercriminals are upping their game and are now using LinkedIn to plant viruses on your machines. As they are sending their messages through LinkedIn navigator, they are catching professional users unawares. Indeed, the latter are less prone to expect cyber attacks to originate from that channel. This is a strong reminder that multi-factor authentication is now a must-have for all platforms, amongst other protective measures like strong passwords, which must be changed regularly.
LinkedIn Hackers are targeting pro users
Hackers are getting smarter every day. They are now using Sales Navigator to send you targeted messages in plain Italian or French and possibly in English.
We aren’t sure about this but generative AI may have played a role in correcting the cybercriminals’ grammar.
Readers should be on their toes
Visionary Marketing received one of these messages this very morning, hence this breaking news post, as we are keen on warning our readers who should be on their toes while they are using Microsoft’s professional social network.
Here is the exchange which took place as we were lecturing and our attention span was not what it should have been.
TUESDAY
Contact name – 11:26 a.m.
Hi, I have a project on advertising on social networks but I am too busy to receive it, would you like to receive this project? I will share it with you
Visionary Marketing (He/Him) – 1:33 PM
Hello, how can I help you? I’m busy until 6p.m., we can have a call after that if you want.
Contact name -1:39 PM
I will send you their project to see, if you accept the project, I will hand them your contact details.
Visionary Marketing (He/Him) – 3:22 PM
OK
Contact name -4:13 PM
https://drive.google.com/XXXX
password:2023
WEDNESDAY
Visionary Marketing (He/Him) – 12:06 PM
Thanks
I should point out that this is a known contact. The person in question teaches in the same school as we do, in the same class, we had seen each other a few weeks before and a lunch date was on its way. Obviously, the LinkedIn hackers didn’t know that because it had happened IRL.
Clicking on the Google Drive link (one could have thought it must have been secure because of the password…) takes you to a .zip file that contains a.exe.
.EXE is a fishy file extension
The .exe file extension was a warning that something fishy was happening. Even though I had my doubts since the message was very well crafted. Besides, the file was over 700 MB. Way above the size granted by online virus scanners.
I don’t have a PC, so I had to find one and scanned the file without opening it and, of course, it’s a virus (I didn’t investigate further, it looked nasty!)
It must be said that many LinkedIn accounts have been stolen and resold.
The attack was very subtle and well targeted. People familiar with the matter told Visionary Marketing that similar attacks took place in France in Italy.
Our recommendation is to protect your accounts systematically, generate automatic passwords (such as the ones proposed by Safari on macOS) and be wary of suspicious messages offering jewellery or anything else for that matter.
Above all, implement multi-factor authentication at all times.
Special note for macOS users: don’t even think that Macs are immune even though they apparently safer.
People from our network reported that attacks did occur in the past, most likely triggered from Russia. Yet, these were based on fake accounts. In today’s case, the LinkedIn hackers probably took advantage of a major data leak from LinkedIn to impersonate real people. That’s what makes this cyberattack so credible. Knowing the person who writes you tends to catch you off guard and that’s when you are at risk.