Nov 1 / Admin

New Scam Alert: New LinkedIn Phishing Campaign Bypasses Google Protection

Cyware reported: 

  • The phishing campaign targeted 500 mailboxes of employees from a national travel organization. 
  • The email comes with the subject line - "We noticed some unusual activity" - pretending to be from LinkedIn.
  • However, the attackers have misspelled LinkedIn and the domain was created on March 6.
  • The phishing campaign bypassed detection by Google’s email security controls after passing authentication checks via DMARC and SFP.
  • The campaign leveraged brand impersonation, social engineering, malicious URLs, and existing business workflow replication.

Find out more with the original article here.

Enroll in Training Sessions:  Last Thursday of Every Month is Training on Frauds and New Scam Alerts and How to Combat
* indicates required