Tuesday, 11 February 2014
Knowbe4 report a very professional phishing attempt using a fake LinkedIn invitation. The fake profile that had been set up was very convincing. It was exposed by performing a 'reverse search' on the image of the person on their fake profile, and it turned out to be a stock image from a commercial website. Of course, in time the criminals will use a photo of someone who can't be traced so easily. Another angle would be to mimic the profile of people you might vaguely know, to encourage you to acept the fake invitation e.g. from someone in your company. A simple but potentially effective threat that just underlines the need to avoid clicking on links in emails.