New Reports Show How Ad Accounts Are Being Hijacked Thanks to Phishing on LinkedIn

POSTED ON September 23, 2022

While cyber attackers have long gone after email as a way to hack their way into a victim’s computer or network, they now have their eyes on a new target: LinkedIn.

Unsurprisingly, LinkedIn is beginning to rise as an attack vector. According to the company, LinkedIn now has 830 million members across 200 countries. Moreover, due to the nature of the social network for professionals, its user base includes many potentially high-value targets for attackers, who may ultimately be looking to gain access to corporate networks for a hefty payout.

One example of these dangerous attacks is the recently discovered spear phishing operation called “DUCKTAIL,” founded by researchers at cybersecurity firm WithSecure. This operation looks for victims on LinkedIn that may be using Facebook advertising, then uses specialized malware called Infostealer, known for using browser cookies and the hard drive to look for Facebook information on systems (like a Facebook login) and then hijack the ad accounts.

The attackers’ target victims could involve those who advertise their skills or current positions in marketing or digital. They then reach out to them, often through LinkedIn’s messaging service, to get them to download a malicious file carrying the malware to infect their systems. They usually get unsuspecting users to click on the links by pretending to be selling a product or other similar ruse. They then use the malware to steal relevant information and give themselves permission to the Facebook ad accounts.

This isn’t the only attack of its type in recent months. According to a second report, LinkedIn has become the top target for scammers and accounts for over half of all phishing attacks. This shows the importance of SMBs and other organizations paying attention to these new types of attacks, especially as they continue to grow and target tools their employees likely use every day (like LinkedIn).

There are several ways that an SMB can work to mitigate these types of risks to its organization. First, it should take the time to educate its employees on this new risk and how to identify potentially malicious emails. By being cognizant and aware, they can hopefully not fall victim to this type of attack. Additionally, an SMB can consider adding technology to mitigate phishing attacks and monitoring services to detect any potential malicious behavior, should it slip past an unsuspecting employee.

Social media, such as LinkedIn, is more popular than ever, meaning the risk from these types of attacks won’t go away soon. It is in the SMB’s best interest to mitigate this risk before it affects their organization and keep an eye on any new threats that might emerge in this space. Doing this can ensure that their business and customers are protected from cyber risk.

About the Author: Agilitec
Report: 30% of Employees Don't Understand the Importance of Cybersecurity
3 Things to Know About Callback Phishing