LinkedIn phishing (Whaling)

Today, our CEO, Paul Lees, received a private message on LinkedIn from an old contact asking for input on a proposal.

This wasn’t uncommon, Paul often gets requests from all kinds of individuals for assistance and guidance. However when selecting the proposal, instead of a document the following was presented. Bear in mind that this IS still a PDF and not redirection to a website. (Looks convincing, doesn’t it?).

Selecting the PDF (Fake OneDrive page) Paul was redirected over to another fake Microsoft SharePoint / OneDrive page asking for username and password..

Notice the URL live.microsoftshareit.com

LinkedIn and other social networking sites are really useful for connecting and keeping in touch with friends and colleagues. But we need to remember that just like email, scammers and phishers prowl these platforms for unsuspecting users. So as you build your professional connections on LinkedIn, remember to always keep an eye out for the scammers.