Kurzfassung
Cybercriminals are running a LinkedIn phishing campaign that uses fake business inquiry emails carrying a malicious "contract" attachment. The HTML attachment opens an obfuscated login form that hardcodes the victim's email address and...
Wie es funktioniert
Cybercriminals are running a LinkedIn phishing campaign that uses fake business inquiry emails carrying a malicious "contract" attachment. The HTML attachment opens an obfuscated login form that hardcodes the victim's email address and...
Warnzeichen
- : Double file extension on the attachment (e.g. pdf.html ) disguising a phishing page Sender name, email address, and signature do not match
- the named company does not operate in the stated country After submitting credentials you are silently redirected to the legitimate site while data is exfiltrated in the background
Was tun
- 1: Never open unsolicited attachments
- 2access LinkedIn only through the official app or by typing the URL directly into your browser Verify file extensions in your file explorer and enable multi factor authentication on LinkedIn and email accounts Use a real time anti malware solution with web protection and report suspicious "business inquiry" emails to your IT team or p
Quelle
malwarebytes
Quelle geprueft vom Mythos Forensic Team
https://www.malwarebytes.com/blog/threat-intel/2026/05/fake-linkedin-emails-abuse-adobe-to-track-victimsFAQ
Ist Fake LinkedIn phishing emails abuse Adobe infrastructure to steal passwords ein reales Betrugsmuster?
Ja. Behandeln Sie Nachricht, Anruf oder Zahlungsaufforderung als verdaechtig, bis ein offizieller Kanal sie bestaetigt.
Was sind die ersten Warnzeichen?
: Double file extension on the attachment (e.g. pdf.html ) disguising a phishing page Sender name, email address, and signature do not match; the named company does not operate in the stated country After submitting credentials you are silently redirected to the legitimate site while data is exfiltrated in the background
Was sollte ich zuerst tun?
: Never open unsolicited attachments; access LinkedIn only through the official app or by typing the URL directly into your browser Verify file extensions in your file explorer and enable multi factor authentication on LinkedIn and email accounts Use a real time anti malware solution with web protection and report suspicious "business inquiry" emails to your IT team or p
Kann LegalAudit meinen Fall pruefen?
Ja. Starten Sie den kostenlosen Chat und fuegen Sie Nachricht, Link, Absender oder Zahlungsdaten ein.