"By posting fake policy violation notices directly in LinkedIn comment threads, attackers exploit users' expectations about how platform moderation works. The use of LinkedIn-style language, impersonated company pages and even lnkd.in short links makes these messages appear legitimate at a glance."
"Although LinkedIn's process for creating a company page, especially one that appears to be LinkedIn itself, was not previously easy to abuse at scale, the proper application of AI now makes it possible,"
"When integrated with the contact methods used in this campaign, it could allow threat actors to quickly deploy large scale campaigns that spoof LinkedIn and abuse legitimate infrastructure."
"What makes this especially effective is scale, AI-driven automation allows threat actors to flood comment sections faster than manual moderation can respond,"
Malicious actors are leaving LinkedIn-style comments that claim account restrictions and include appeal links that redirect to fraudulent verification pages. The comments mimic LinkedIn language, use impersonated company pages and lnkd.in short links to appear authentic. Clicked links lead to pages designed to harvest credentials. Artificial intelligence enables creation of convincing company pages and automates large-scale deployment of comments, allowing attackers to flood threads faster than manual moderation can respond. Integration with legitimate platform contact mechanisms increases the campaign's effectiveness. AI-driven automation thereby amplifies social engineering and raises credential-theft risk for LinkedIn users.
Read at Securitymagazine
Unable to calculate read time
Collection
[
|
...
]