LinkedIn is the number one social media brand used by cybercriminals who want you to click malicious links, according to new research.

Check Point Software found just over half of all phishing-related attacks around the world referenced LinkedIn in the first quarter of 2022 – a dramatic increase from the previous quarter when LinkedIn featured in less than 10 per cent of phishing attacks analysed by Check Point.

Omer Dembinsky, Check Point’s manager of data research, said the rise in LinkedIn-related phishing attempts is a salient reminder to be careful where you click.

“LinkedIn users in particular should be extra vigilant over the course of the next few months,” he said.

“These phishing attempts are attacks of opportunity, plain and simple.

“Criminal groups orchestrate these phishing attempts on a grand scale, with a view to getting as many people to part with their personal data as possible.”

By default, LinkedIn opts users into receiving email notifications when they have a new friend (‘connect’) request and when they receive a message.

The contents of these messages aren’t displayed in those email notifications in order to drive users to LinkedIn’s website or app.

Attackers are using this design feature to catch out unsuspecting LinkedIn users with emails that look exactly like the typical LinkedIn notification but redirect to a fake login page.

Behind LinkedIn for the most common brand used in phishing attacks is German shipping company DHL, Google, and Microsoft while Facebook has fallen out of the top 10.

Top 10 brands used in phishing attacks

  1. LinkedIn (relating to 52% of all phishing attacks globally)
  2. DHL (14%)
  3. Google (7%)
  4. Microsoft (6%)
  5. FedEx (6%)
  6. WhatsApp (4%)
  7. Amazon (2%)
  8. Maersk (1%)
  9. AliExpress (0.8%)
  10. Apple (0.8%)

Phishing has become simpler for would-be criminals in recent years with a growing market of out-of-the-box phishing kits being sold online.

According to the Zscaler 2022 ThreatLabz Phishing Report, cyber criminals are increasingly switching from building their own phishing exploit kits to buying into services that deliver higher quality phishing emails.

“The problem with phishing kits is that they make it easier than ever for attackers to launch effective phishing campaigns and much harder for individuals and security teams to detect,” the report said.

“The use of sophisticated templates have broadly eliminated the characteristic typos, spelling errors, bad grammar, and unsigned certificates previously relied on to identify phishing scams.”