The e-mails warn potential victims of “irregular activities” on their account and say a compulsory security update is required. The e-mails include an HTML attachment that purports to be a form for performing the update.
The HTML file is actually a copy of LinkedIn’s website and login page, but the page code in the file has been modified so that, if a user logs in, their account credentials are sent to the attackers instead.
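As an added illustration (not code from the article or from LinkedIn), a defender-side check for exactly this kind of attachment: it parses an HTML file and reports every form that contains a password field but posts anywhere other than the impersonated brand's own domain. The two sample pages and the collector hostname are constructed placeholders.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample: a cloned login form posting to an off-brand host (.invalid placeholder).
SUSPICIOUS_HTML = """
<form action="https://collector.example-attacker.invalid/login" method="post">
  <input type="text" name="session_key">
  <input type="password" name="session_password">
</form>
"""
# Constructed sample: a form that posts back to the impersonated brand's domain.
LEGITIMATE_HTML = """
<form action="https://www.linkedin.com/checkpoint/lg/login-submit" method="post">
  <input type="password" name="session_password">
</form>
"""

class CredentialFormScanner(HTMLParser):
    """Record each <form> action and whether that form has a password field."""
    def __init__(self):
        super().__init__()
        self.forms = []    # [action, has_password] per form, in document order
        self._open = None  # index of the form currently being parsed

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag == "form":
            self.forms.append([a.get("action", ""), False])
            self._open = len(self.forms) - 1
        elif tag == "input" and self._open is not None:
            if a.get("type", "").lower() == "password":
                self.forms[self._open][1] = True

    def handle_endtag(self, tag):
        if tag == "form":
            self._open = None

def offsite_credential_forms(html, allowed_hosts):
    """Return actions of password forms that post outside allowed_hosts.
    A relative action counts as off-brand: opened from an attachment it
    never resolves to the brand's own server."""
    scanner = CredentialFormScanner()
    scanner.feed(html)
    flagged = []
    for action, has_password in scanner.forms:
        host = urlparse(action).hostname or ""
        on_brand = any(host == h or host.endswith("." + h) for h in allowed_hosts)
        if has_password and not on_brand:
            flagged.append(action)
    return flagged
```

Run against a mail gateway's attachment queue, a non-empty result is a strong signal that the HTML file is a credential-harvesting clone rather than a genuine update form.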
Users are advised to enable two-step verification on their account. With it enabled, LinkedIn sends a one-time passcode by SMS that is required to complete the login, so even if the attackers obtain a person’s login credentials, they could not take over the account.