A wave of emails, supposedly sent by LinkedIn Support, have been linked to scammers who are attempting to steal credentials from members of the networking service.
On Wednesday US time, Satnam Narang, senior security response manager at Symantec, wrote about the phishing campaign observed over the past week.
Narang warned that the spurious emails contain HTML attachments, which supposedly instruct users on how to carry out a “security update.” Instead, opening the attachment leads to a website, which looks like a legitimate LinkedIn login page, he said.
Attackers modified the website's source, so that credentials entered are sent “directly to the attacker”, he explained.
Symantec noted that scammers used HTML attachments in order to bypass browser blacklists, which serve to keep users off phishing websites. Narang recommended that users implement LinkedIn's two-step verification for improved login security.
This article originally appeared at scmagazineus.com