Cybercriminals Expanding Playbook: LinkedIn Messages as New Phishing Target
Cybercriminals are broadening their tactics. Email and text messages remain the most common phishing channels, but LinkedIn messages are becoming a favored alternative.
LinkedIn’s Appeal as a Phishing Target
According to The Hacker News, LinkedIn has emerged as an attractive target due to the high presence of professionals—including company executives—who often access the platform on corporate devices. Despite this, many organizations have not implemented the same level of security measures for detecting and blocking fraudulent messages as they do for email.
Expert Insights
“Social media platforms, including LinkedIn, are increasingly being utilized by cybercriminals to target employees, consumers, and executives,” states Tracy Goldberg, Director of Cybersecurity at Javelin Strategy & Research. “Beyond the lack of multi-factor authentication (MFA) highlighted in the article, social media channels provide a false sense of security since users inherently trust communications through these platforms.”
Goldberg further explains: “Social media’s increasing sophistication, particularly with infostealers that can readily compromise credentials by scraping and capturing browsing histories and stored cookies, exposes consumers to greater risks. These attacks often exploit psychological vulnerabilities, making users susceptible to phishing campaigns.”
A Launchpad for Campaigns
Infostealers are malware that harvest credentials, stored cookies and browsing data from infected devices at scale. Some experts estimate that billions of credentials have been stolen through these tools, and weakly protected social media accounts, particularly those without MFA, make the stolen credentials easy to use.
“It’s remarkably simple to take over legitimate accounts,” Goldberg notes. “Approximately 60% of credentials in infostealer logs are linked to social media accounts, with many lacking MFA—especially on ‘personal’ applications where employers don’t encourage its use.” A hijacked account of a known contact gives attackers a credible launchpad for campaigns that exploit existing trust relationships: a message from that account carries the contact’s credibility rather than a stranger’s.
Expanding the Scope
Although individuals are frequently the initial targets of LinkedIn phishing campaigns, the ultimate goal is often to penetrate larger organizations, particularly those with extensive cloud infrastructure. After establishing a foothold, cybercriminals can infiltrate company networks to steal sensitive data for financial gain or launch ransomware attacks against the organization.
Given the rising cost of data breaches, organizations should extend their phishing prevention strategies, training programs, and message-reporting and filtering workflows to cover LinkedIn and other social media platforms, not just email.