LinkedIn scams: Still the most popular form of phishing

When “great to connect with you on LinkedIn” means something completely different.

It’s one of the world’s most influential social platforms, and a key place for business and career progression. But as recessions begin to bite, and people continue to strive to climb the career ladder, LinkedIn remains one of the main ways that scammers try to trick unsuspecting victims into handing over their personal details. 

For the third year in a row, phishing scams have referenced LinkedIn in their subject lines of emails more than any other website.

That’s according to Atlas VPN, a virtual private network (VPN) provider, which analysed information throughout the third quarter of 2020.

Top-clicked LinkedIn phishing emails include such subject lines as ‘You appeared in new searches this week!’, ‘People are looking at your LinkedIn profile’, ‘Please add me to your Linkedin network’, and ‘Join my network on LinkedIn’, according to the VPN provider.

Almost half of phishing emails about LinkedIn are opened

The propensity for people to open emails mentioning LinkedIn in the subject line seems enormous. According to the data analysed, phishing emails mentioning the professional networking site were opened 47% of the time. That’s just a 1% drop from the same time last year.

The reason behind this may be obvious: we’re all intrigued to see if we can progress through life a little quicker, and the connections we make on LinkedIn can help bring us more money and popularity in our career. The ubiquity of LinkedIn emails is also common in most inboxes, making it an easy target to try and spoof and con victims into clicking.

“Cybercriminals are often targeting employees, as such attacks can yield much higher profits.”

says Atlas VPN

“What is more, phishing emails are usually disguised as legitimate and basic messages employees see day after day.” They also point out that some of the most frequent hubs of scamming via email are messages that workers might expect to receive.

Payroll email subjects also commonplace

When you discount social media referencing emails, the subjects most likely to get people to open phishing emails in the third quarter of this year were focused around payroll issues. 

According to the analysis, emails titled "Payroll Deduction Form" had a 33% open rate – significant rates for scams such as these.

That’s more than twice the open rate for the next-best social network used by scammers to try and socially engineer their way into your accounts. Twitter-based email subject lines only had a 15% open rate, with the majority being false claims of direct messages being received into an account, while Facebook open rates languished at 12%.

It can be a difficult world to stay safe in out there, but Atlas VPN had some suggestions for those wanting to survive the onslaught of phishing emails that seem to pepper our inboxes on a daily basis. Be conscious that there are bad actors out there and make sure you don’t feel pressured into clicking on things you don’t want to. The subject lines of emails can often appear like an urgent call for action, when calm consideration is often safer.

Likewise, if you do open an email, before clicking any links, do some sense checks. Is the email address from which it sent an official domain linked to the company it claims to be? And check out the body of the email too: is everything spelt correctly, or are there grammatical slip-ups that give the game away? Scammers are getting smarter on this, so it also requires checking that zeroes aren’t being used in place of “o’s” and other tricks. Keeping your wits about you is one way to stay safe in the face of expanded threats.