LinkedIn Phishing Spoof Bypasses Google Workspace Security

A fake LinkedIn email went out to a secure travel company, trying to get its employee’s information. The subject of the email was “We noticed some unusual activity.”

A phishing campaign was able to slip past Google’s email security controls when it cheated email authentication checks. Through Armorblox, the attack was stopped at some 500 user inboxes.

The main call-to-action button (Secure my account) including in the email contained a bad URL, which took victims to a fake landing page. This fake landing page mimicked a legitimate LinkedIn sign in page that contained the same logos, language and illustrations as real LinkedIn branding.

Recent Articles

Related Stories

Leave A Reply

Please enter your comment!
Please enter your name here

Stay on op - Ge the daily news in your inbox