Dell Secureworks has identified targeted attacks occurring through LinkedIn.
In this attack, a fake user with a network of connections is created. Under the guise of a recruiter, they contact targets of opportunity, think sysadmins at a target company. The victim is enticed to go to a purported resume submission website. And then you have malware.
- As always, on LinkedIn be aware that people may not be who they claim to be.
- If you are going to apply for a job, go the known, established website of a company, and click on something like “Careers” to find a link to their jobsite. Where it’s an external recruiter contacting you, take care in establishing their bona fides.
- Dont be part of the problem. Only accept connections from people you know and trust. Your connection is an implicit endorsement to other people.