A new phishing scam associated with an Iranian-linked group has been targeting users of a professional social media networking site, according to Susquehanna Township Police Department.
FireEye, a U.S. cyber security firm, claims the group has been targeting LinkedIn users with “bogus invitations to join professional networking groups,” the police department reported. Emailed attachments, laced with malware, are designed to infect systems and ultimately “steal data and credentials,” FireEye warned.
“While LinkedIn is intended to facilitate professional contacts, anyone can set up an account and search for information,” according to a Susquehanna Township Police Department statement. “This information can then be used in spear-phishing campaigns, which are personalized to their targets. Therefore, any work information should be kept to a minimum. Individuals should be selective in who they add as friends or contacts on social media.”
The Federal Bureau of Investigation asks that you contact them if you think you are a victim at the Internet Crime Complaint Center with the following information:
- Any messages pertaining to the attack
- Victim information
- Overall losses
- Victim impact statement
- Any other information