LinkedIn Users Targeted in Complex Phishing Scheme
A concerning security threat has emerged for users of the professional networking platform LinkedIn. Known as the “Microsoft Two-Step Phishing Campaign,” this attack involves hackers using compromised profiles to deceive users and steal their sensitive information.
It Starts With Exploiting Trust
The attack begins innocently enough, with hackers taking control of LinkedIn profiles that users trust within their professional networks. These profiles appear normal but are actually manipulated by the attackers, who exploit the trust between users and their connections.
Let’s Understand The Attack Tactic: Two Steps to Success
The heart of this attack involves two stages. First, hackers combine stolen user accounts with a tricky phishing attack. They use a sneaky program called Snake, which targets not only LinkedIn but also Facebook users. Snake pretends to send legitimate messages but actually tricks users into downloading harmful software.
Once installed, Snake quietly steals users’ browsing data, giving hackers access to their accounts and compromising their security. This method shows how social media platforms, like LinkedIn, can unwittingly help cybercriminals
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: