"LinkedIn Phishing Spoof Bypasses Google Workspace Security"

A phishing email appearing to be from LinkedIn with the subject line "We noticed some unusual activity" was discovered targeting users at a travel company in an attempt to steal their LinkedIn credentials. According to Armorblox, the phishing campaign slipped past Google's email security controls after evading email authentication checks via Sender Policy Framework (SFP) and Domain-based Message Authentication, Reporting and Conformance (DMARC). The email security system at the victim organization discovered and stopped the attack aimed at 500 user inboxes. This article continues to discuss the credential-stealing attack that spoofed LinkedIn that targeted users at a travel organization.

Dark Reading reports "LinkedIn Phishing Spoof Bypasses Google Workspace Security"

Submitted by Anonymous on