sb-as logo
Story image

Subdomain spoofers turning to ‘trusted’ brand LinkedIn to spam users

14 Feb 2017

LinkedIn has become the target of a new phishing campaign, and the company is powerless to block the attacks in the traditional ways.

Proofpoint discovered the campaign, which uses spoofed subdomains to get users to supply their LinkedIn credentials.

The company says the emails aren’t designed to attack customers or partners, but they are exploiting domains and could eventually damage the victim’s brand.

“if users see enough of these emails and flag them as spam, then mailbox providers may begin to penalize emails sent from example.com and its subdomains,” Proofpoint says.

This new approach is a new variation of subdomain spoofing, which traditionally targeted one company at a time and uses many aspects of the subdomain element.

This approach is new, as it uses all of the sending domains of a large number of companies and prepends them with an established and trusted brands, Proofpoint says.

Attackers send the phishing attempts over other companies’ subdomains, not the traditional LinkedIn domains. This means LinkedIn is unable to block the attacks.

Proofpoint says that LinkedIn has long been building a community of trust, and attackers are now taking advantage of that trust.

Attackers have used the LinkedIn brand to create spoofed subdomains:

Proofpoint warns that this new combination of subdomain spoofing and snowshoe spamming can affect almost any business – and can use almost any large and trusted brand.

Proofpoint recommends that companies:

  • Prepare all subdomains
  • Consider all parent domains
  • Add necessary tags
Story image
BlackBerry partners with ServiceNow for incident response management
BlackBerry has announced it has entered into a partnership with ServiceNow to integrate the BlackBerry AtHoc service within the Now platform for rapid crisis communications and IT service management. More
Story image
Microsoft is most imitated brand for phishing attacks in Q3
Popular phishing tactics using the Microsoft brand used email campaigns to steal credentials of Microsoft accounts, luring victims to click on malicious links which redirect them to a fraudulent Microsoft login page. More
Story image
Attack from DOS: In Zero We Trust
In combination with malware, DDoS attacks on banks have been used to cause distraction so the transfer of stolen funds goes unnoticed. More
Story image
Creating private data regulations for employees
Whether employees are hired on a part-time or full-time basis, everyone must know about data privacy regulations. Everyone needs to be responsible for keeping the organisation’s data secure. More
Story image
Entrust launches cloud-based ID issuance solution
The Sigma instant ID solution uses encryption, trusted HSM technology and secure boot to issue highly secure physical and mobile identities.More
Story image
CrowdStrike targets Zero Trust blind spot with new offering
CrowdStrike has officially launched CrowdStrike Falcon Zero Trust Assessment (ZTA), designed to aid in overall security posture by delivering continuous real-time assessments across all endpoints in an organisation regardless of the location, network or user. More