Wednesday, June 1, 2011

Linkedin.com is now public - phishing starts

I am linkedin user since 4 years and I like it. I think it is so far the best professional network I used. I never had issues with linkedin and never got suspicious emails using as cover linkedin. This changed this week. I have a certain email address just for linkedin.
Yesterday I got to another email address (my public email address) an email which seemed to be from linkedin.

Usually when somebody wants to connect to you, you would get an email similar to this:



The email is send to your email address stored in linkedin.

The email I got yesterday looked like this:




If you don't look closer to the email you would not recognize it as a fake. But what made me suspicious was that the email was send to my public address. I first thought somebody did try to connect to me by imputing this email address in linkedin because we never met each other (linkedin ask then to input an email address).
However I looked at the sender email address which was a really weird email.




Linkedin usually does not have unreadable email addresses. Next I went to linkedin to search the person Mark Andronas but did not find any person with this name in linkedin. Another weird part was that the email had two names. Mark Andronas and Neal Collins which I could not find neither on linkedin.com

Clicking on "connect that you know Neal" will bring you to http://salesforceappi.com/loginapi.php?tp=1da14085e243eaf9

A Domain registered in Shanghai
Registrant Contact:
zhang yong
yong zhang xfire2311@hotmail.com
+86.2136854127 fax: +86.2136854127
shanghai
shanghai shanghai 310016

(I am aware by posting the name and phone number of this person will have as result that this person might try to hack my blog)

The page itself is a php page which looks like the linkedin.com log in page which asks for your username and password. You would disclose to the person in Shanghai your linkedin account.

I guess since linkedin got big and public, we will see more such scam.


Please never click on any linkedin email with links on it in your mail program. If it is a real linkedin email then it shows up in your linkedin online account. Please open the emails there. And if it is a case you don't see the email in your online linkedin account and you are not sure the email is real, then contact linkedin fraud department https://help.linkedin.com/app/ask/subject/Possible%20Phishing%20Attempt

They will let you know if it is real or a fake email.

Here some tips from linkedin:
Suspicious emails should always be handled carefully. Please be cautious in opening any attached files or links included in the email as it may contain malware which could be damaging to your system. Note that any links in messages from LinkedIn should only direct you back to LinkedIn.com webpages. If you already opened attachments or clicked on links from within the message, you will want to run a current version of antivirus software to scan your computer for malicious viruses. To learn more about privacy best practices and what you can do to protect your account security, click here.

Your privacy is our top concern. We work hard to earn and keep your trust, so we adhere to the following principles to protect your privacy:

We will never rent or sell your personally identifiable information to third parties for marketing purposes.
We will never share your contact information with another user without your consent.
Any personally identifiable information that you provide will be secured with all industry standard protocols and technology.


- Posted using BlogPress, please follow me on twitter @schlotz69

Location:Spinning Wheel Ln,Brooksville,United States

5 comments:

  1. Hi,

    I too received an email which I though was a bit suspect supposedly from UPS "Your package has arrived!" with a link to http://salesforceappi.com/loginapi.php?tp=67e9c0fc50a0f678

    It appears that the server is located in Russia.

    Stay safe!

    ReplyDelete
  2. Yes. And I forgot to mention that the registrar person and address is most likely fake.

    ReplyDelete
  3. Pгetty! Thіs wаs an extremely wondeгful агticlе.

    Thanκ уou for providіng thіs info.
    My web-site :: payday loans no faxing

    ReplyDelete
  4. What's up, everything is going well here and ofcourse every one is sharing data, that's
    actually fine, keep up writing.

    Here is my website - acheter des fans facebook - -

    ReplyDelete