In breve
Cybercriminals are running a LinkedIn phishing campaign that uses fake business inquiry emails carrying a malicious "contract" attachment. The HTML attachment opens an obfuscated login form that hardcodes the victim's email address and...
Come funziona
Cybercriminals are running a LinkedIn phishing campaign that uses fake business inquiry emails carrying a malicious "contract" attachment. The HTML attachment opens an obfuscated login form that hardcodes the victim's email address and...
Indicatori rossi
- : Double file extension on the attachment (e.g. pdf.html ) disguising a phishing page Sender name, email address, and signature do not match
- the named company does not operate in the stated country After submitting credentials you are silently redirected to the legitimate site while data is exfiltrated in the background
Cosa fare
- 1: Never open unsolicited attachments
- 2access LinkedIn only through the official app or by typing the URL directly into your browser Verify file extensions in your file explorer and enable multi factor authentication on LinkedIn and email accounts Use a real time anti malware solution with web protection and report suspicious "business inquiry" emails to your IT team or p
Fonte
malwarebytes
Fonte verificata da Mythos Forensic Team
https://www.malwarebytes.com/blog/threat-intel/2026/05/fake-linkedin-emails-abuse-adobe-to-track-victimsFAQ
Fake LinkedIn phishing emails abuse Adobe infrastructure to steal passwords e una truffa reale?
Si. Tratta messaggi, chiamate o richieste di pagamento come sospette finche non le verifichi da un canale ufficiale.
Quali sono i primi segnali?
: Double file extension on the attachment (e.g. pdf.html ) disguising a phishing page Sender name, email address, and signature do not match; the named company does not operate in the stated country After submitting credentials you are silently redirected to the legitimate site while data is exfiltrated in the background
Cosa devo fare subito?
: Never open unsolicited attachments; access LinkedIn only through the official app or by typing the URL directly into your browser Verify file extensions in your file explorer and enable multi factor authentication on LinkedIn and email accounts Use a real time anti malware solution with web protection and report suspicious "business inquiry" emails to your IT team or p
LegalAudit puo controllare il mio caso?
Si. Apri la chat gratis e incolla messaggio, link, mittente o dati di pagamento per un triage.