LinkedIn tops social media brands used for phishing

Read time 3min 10sec

Professional networking site LinkedIn has topped the rankings as the social brand most used for phishing for the first time ever, accounting for more than half (52%) of all phishing attempts during Q1 2022.

Top phishing brands in Q1 2022

1. LinkedIn (relating to 52% of all phishing attacks globally)
2. DHL (14%)
3. Google (7%)
4. Microsoft (6%)
5. FedEx (6%)
6. WhatsApp (4%)
7. Amazon (2%)
8. Maersk (1%)
9. AliExpress (0.8%)
10. Apple (0.8%)

This represents a significant 44% rise from the previous quarter, where the site was in fifth position, accounting for only 8% of phishing attempts. LinkedIn overtook DHL as the most targeted brand, which is now in second position and accounted for 14% of all phishing attempts during the quarter.

This was revealed in the Brand Phishing Report for Q1 2022 by Check Point Research (CPR), the threat intelligence arm of Check Point Software Technologies.

The report highlights the brands which were most frequently imitated by cyber criminals in their attempts to steal individuals’ personal information or payment credentials during January, February and March.

Leveraging social networks

According to CPR, the latest report shows an emerging trend toward threat actors leveraging social networks, now the number one targeted category ahead of shipping companies and technology giants such as Google, Microsoft and Apple.

In addition to LinkedIn being the most targeted brand by a considerable margin, WhatsApp maintained its position in the top ten, accounting for almost 1 in 20 phishing-related attacks worldwide.

The report highlights a particular example where LinkedIn users are contacted via an official-looking e-mail in an attempt to lure them to click on a malicious link. Once there, users would be again prompted to log-in via a fake portal where their credentials would be harvested.

Shipping in the crosshairs

When it came to categories, shipping is now the second most targeted category, with attacker continuing to take advantage of the general rise in e-commerce by targeting consumers and shipping companies directly.

DHL came second to LinkedIn, accounting for 14% of phishing attempts; FedEx has moved from seventh position fifth, now accounting for 6% of all phishing attempts; and Maersk and AliExpress have entered the top ten list for the first time.

The report revealed one particular phishing strategy that used Maersk-branded e-mails to encourage the download of spoof transport documents, infecting workstations with malware.

Crimes of opportunity

Omer Dembinsky, data research group manager at Check Point Software, says these phishing attempts are opportunistic. “Criminal groups orchestrate these phishing attempts on a grand scale, with a view to getting as many people to part with their personal data as possible."

He says certain attacks will try to gain leverage over users or steal their information, such as those we’re seeing with LinkedIn. Others will be attempts to deploy malware on company networks, such as the fake e-mails containing spoof carrier documents that we’re seeing with the likes of Maersk.

Dembinsky adds that if there was ever any question that social media would become one of the most heavily targeted sectors by cyber crooks, Q1 has answered it clearly.

“While Facebook has dropped out of the top ten rankings, LinkedIn has soared to number one and has accounted for more than half of all phishing attempts so far this year. The best defence against phishing threats, as ever, is knowledge."

He says staff, in particular, need to be trained to spot suspicious anomalies such as misspelled domains, typos, incorrect dates and other details that can expose a malicious e-mail or text message. 

"LinkedIn users in particular should be extra vigilant over the course of the next few months.”

See also