LinkedIn spear-phishing campaign discovered

New LinkedIn scam harvests users data for malicious purposes

A new scam on business social networking site LinkedIn, which aims to harvest data from users' profiles, has been discovered by security firm Websense.

The scam itself is actually a profile set up by hackers that purports to be a Swiss-based dating agency. This account is used to view other users' accounts, according to a blog from Websense.

Because LinkedIn shows users which other accounts have viewed theirs, the hackers hope that people will click on their link out of curiosity, then visit their webpage, which is linked from their profile.

Carl Leonard, senior security research manager EMEA at Websense, pointed out that while there is no malware currently on this site, it is likely to be operated by hacking groups with access to exploit kits.

"This particular LinkedIn profile leading to a dating site, although not currently directing users to malicious code, is likely to have been set up to make targeted connections. The website is hosted in the same IP range as sites known to host exploit kits.

"As business profiles are big currency to cybercriminals, it's unsurprising that LinkedIn profiles are now being used to lure users to click on links that could lead to the darker places of the web. Without in-line real-time security in place to determine if this site is infected or not at the point-of-click, cybercriminals could be falling in love with the potential riches their targets provide."

Hackers have been using social networks since their inception in order to get more information on their potential targets. Armed with this data, a hacker is then able to contact a specific individual with targeted information known to be of interest to them, thus making it more likely that the target will open an unknown email, or click on an infected attachment, for example.

"Information relating to current employer, job titles, connections within the social network, and technology skills could be used by attackers to better enhance their chance of success in more targeted attacks outside of the LinkedIn network," explained the Websense blog.