According to researchers at Check Point Research, LinkedIn was the most impersonated brand in the first quarter of 2022 for phishing attacks. The campaigns that impersonated the social networking site made up 52% of all attacks in the first quarter of 2022, which represents a 44% increase since the previous quarter. Following LinkedIn, the most frequently impersonated brands in phishing attacks were DHL (14%), Google (7%), Microsoft (6%), FedEx (6%), WhatsApp (4%), Amazon (2%), Maersk (1%), AliExpress (0.8%), and Apple (0.8%). Criminal groups are orchestrating these attacks on a large scale to gain as much personal data from their victims as possible.
The shift from shipping companies, who previously were the most impersonated, to social media reflects a trend of social engineering scams that are being seen across the board. LinkedIn has put measures in place to try and protect their users, but ultimately, the end users are the ones that must be vigilant. Many people have their work email address linked to their LinkedIn account, which is not a safe practice. Because of this, threat actors are able to specifically craft emails towards victims. Furthermore, phishing emails being sent to LinkedIn users will be delivered to their work email address, meaning any intrusion that could follow a link being clicked in these emails would affect their organization’s environment. Proper training should be conducted for employees on how to spot and report phishing emails.