Compromising the Supplier Chain

LinkedIn Phishing

We have seen a few customer reports recently around receiving malicious attachments and messages from LinkedIn. We wrote about this type of attack appearing again more frequently, although its been around for quite some time.

However much a business tries and attempts to prevent attack and infection to their computers and business, from securing the perimeter by filtering email and web traffic, right down to the controls on the endpoint looking after Antivirus and educating the organisations users about the threats, they are ever evolving.

supplier chain

Attackers are using compromised LinkedIn accounts to send messages to the accounts connections. LinkedIn being a business tool, users are allowed in the main to browse it and see these messages.

These messages are normally a PDF file, with links embedded in them that will either

  • download a virus or, even worse,  ransomware to your computer
  • Prompt a user to enter in some form of credentials, normally Office365, in an attempt to gain a foothold into the customers environment

LinkedIn prompts recipients also of pending unread messages that they have, so these come sailing through to the recipients email legitimately from LinkedIn as trusted messages and adds weight to these messages being genuine and trusted.

Users in your business can protect themselves in as many ways they can as possible but situations like this are out of a business’s control. You can protect your LinkedIn and Office365 accounts with Multi-Factor authentication, but you cant be in control of your connections security.

Ways to Prevent

1

  • Ensure you use MFA (Multi Factor Authentication) wherever you can. LinkedIn supports it, Office365 Supports it, Google supports it. Consider where your sensitive data is stored and ensure you have it as protected as it can be
  • Educate your users on the threat of Phishing, through email and through other mediums such as LinkedIn. If a message is received, think for a moment whether its expected and its valid. Treat attachments and links as suspicious.
  • Watch out for the messages, treat them as insecure. Indicators could be a badly spelt, has a link which has been shortened and not easily recognisable, asking you to view a shared document.

 

Past Blogs

Copilot connects Microsoft and Google

Microsoft Copilot Now Connects Gmail and Outlook—What This Means for Your Business

If you’ve ever found yourself switching between Gmail, Outlook, and countless browser tabs just to track down an email or check your diary, you’re not alone. For many...
New Ransomware Warning

New Ransomware Alert: What UK Businesses Should Do

Don't Waste Time Searching Through Settings

Windows 11’s New AI Agent: A Smarter Way to Tackle Settings

More accessibility Features in Windows 11

Windows 11’s New Accessibility Tool: What It Means for Your Business

Outlook flags your important email

Outlook will flag your most important emails

Can your staff access too much?

Half of staff have too much access to data

Windows 10 hit ends of life in just over 2 weeks

Free Support for Windows 10 Ends in Just Two Weeks – Here’s What Your Business Needs to Know

Free Support for Windows 10 Ends in Just Two Weeks – Here’s What Your Business Needs to Know What would it take to bring your business to a halt?It’s not always a major...
Better passkey integration in windows

Passkeys will be better integrated in Windows

New hire? New security risk

New member of staff… new cyber security risk?

   When you bring someone new into the business, your first thought is usually about getting them set up to succeed. A laptop, email account, access to the right...
Microsoft to Introduce a Unified Naming System for Hackers

Microsoft to Introduce a Unified Naming System for Hackers

Have you ever tried to follow a crime documentary where the main suspect keeps changing names? It’s confusing—and that’s exactly what’s been happening in the world of...