En bref
Cybercriminals are running a LinkedIn phishing campaign that uses fake business inquiry emails carrying a malicious "contract" attachment. The HTML attachment opens an obfuscated login form that hardcodes the victim's email address and...
Comment ca fonctionne
Cybercriminals are running a LinkedIn phishing campaign that uses fake business inquiry emails carrying a malicious "contract" attachment. The HTML attachment opens an obfuscated login form that hardcodes the victim's email address and...
Signaux d'alerte
- : Double file extension on the attachment (e.g. pdf.html ) disguising a phishing page Sender name, email address, and signature do not match
- the named company does not operate in the stated country After submitting credentials you are silently redirected to the legitimate site while data is exfiltrated in the background
Que faire
- 1: Never open unsolicited attachments
- 2access LinkedIn only through the official app or by typing the URL directly into your browser Verify file extensions in your file explorer and enable multi factor authentication on LinkedIn and email accounts Use a real time anti malware solution with web protection and report suspicious "business inquiry" emails to your IT team or p
Source
malwarebytes
Source verifiee par Mythos Forensic Team
https://www.malwarebytes.com/blog/threat-intel/2026/05/fake-linkedin-emails-abuse-adobe-to-track-victimsFAQ
Fake LinkedIn phishing emails abuse Adobe infrastructure to steal passwords est une vraie arnaque ?
Oui. Traitez le message, l'appel ou la demande de paiement comme suspect jusqu'a verification via un canal officiel.
Quels sont les premiers signaux ?
: Double file extension on the attachment (e.g. pdf.html ) disguising a phishing page Sender name, email address, and signature do not match; the named company does not operate in the stated country After submitting credentials you are silently redirected to the legitimate site while data is exfiltrated in the background
Que faire en premier ?
: Never open unsolicited attachments; access LinkedIn only through the official app or by typing the URL directly into your browser Verify file extensions in your file explorer and enable multi factor authentication on LinkedIn and email accounts Use a real time anti malware solution with web protection and report suspicious "business inquiry" emails to your IT team or p
LegalAudit peut-il verifier mon cas ?
Oui. Lancez le chat gratuit et collez le message, le lien, l'expediteur ou les details de paiement.