Cyber criminals are now targeting LinkedIn users with a phishing scam where they are tricking the user into believing that their LinkedIn account has a security issue which can be solved only by providing their personal details. The email that is targeting users comes from postmaster [@] fnotify [dot] com which is not linked with LinkedIn. However it is found that the email domain associated with the email is actually a WordPress blog registered to a guy, Torgeir Salvesen from Finland.
The password reset link which has been censored by the researchers is actually LinkedIn’s password reset link that asks users to change their password to avoid it from being misused. Also there have been a lot of errors from the cyber criminals and looks like they forgot to link the real phishing link on password reset link.
Apparently the email content also contains another link which redirects to a Dropbox link . The Dropbox link asks users to upload their viewable scanned copy of the payment method, account holder’s government-issued photo identification (that is a driver’s license or passport) and a payment receipt.
This was identified by researchers at Heimdal Security who pointed out that the main reason behind this scam is to steal user’s financial details, driving license and or passport copy. The purpose of collecting this information is to not only hijacking their account but also conduct further scams by stealing their identity.