We seem to write about a new phishing or spear phishing scam every day.

This latest LinkedIn scam has all of the classic signs of phishing. It comes from a suspicious sender, has bad grammar, and even uses an urgent call to action to scare victims into clicking the link. A link that appears to go to a blank page hosted by Linkedin. The motives for this attack remain unclear, and it could signal a larger threat in the future.

This scam has all the signs of a standard phishing attack…

Suspicious Sender

The latest LinkedIn phishing scam entices victims with an urgent subject line stating, “Important User Alert”. Although this subject line seems legitimate, anyone with phishing training who is paying attention would notice that it comes from a suspicious email address, “linkedin.customerservice.us1@fsr.net”. Even if, “linkedin.customerservice.us1,” is convincing enough for users to open the email, the “fsr.net” should be a red flag that something is not right.

Generalized Introductions

The email begins with, “Dear valid LinkedIn user,” which doesn’t seem that strange. However, LinkedIn knows it’s users’ names and has the tools to address their users by name in any email they send. These types of generalized introductions are often utilized in “spray and pray” phishing attacks because hackers can send one email to thousands in the hopes that someone will fall for the attack.

Urgent Action and Terrible Grammar

The content of the email threatens that users could lose privileges and access to their LinkedIn accounts unless they click on an enclosed link. One portion of the email reads: