5 reasons why attackers are phishing over LinkedIn www.bleepingcomputer.com/news/secu…
Phishing attacks are no longer confined to the email inbox, with 34% of phishing attacks now taking place over non-email channels like social media, search engines, and messaging apps.
LinkedIn in particular has become a hotbed for phishing attacks, and for good reason. Attackers are running sophisticated spear-phishing attacks against company executives, with recent campaigns seen targeting enterprises in financial services and technology verticals.
But phishing outside of email remains severely underreported — not exactly surprising when we consider that most of the industry’s phishing metrics come from email security tools.
Your initial thought might be “why do I care about employees getting phished on LinkedIn?” Well, while LinkedIn is a personal app, it’s routinely used for work purposes, accessed from corporate devices, and attackers are specifically targeting business accounts like Microsoft Entra and Google Workspace.
So, LinkedIn phishing is a key threat that businesses need to be prepared for today. Here’s 5 things you need to know about why attackers are going phishing on LinkedIn — and why it’s so effective.
1: It bypasses traditional security tools
2: It’s cheap, easy, and scalable for attackers
3: Easy access to high-value targets
4: Users are more likely to fall for it
5: The potential rewards are huge
