You've successfully subscribed to INFIMA Security
Great! Next, complete checkout for full access to INFIMA Security
Welcome back! You've successfully signed in.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info is updated.
Billing info update failed.

Hackers Love Social Media (Part 2)

Social media is the new playground for cybercriminals launching Phishing attacks.

While we didn't intend for this to be a 2 part series, we're now pretty sure the hits will keep coming.

In previous posts, we've discussed social media breaches... [checks notes] ahem, sorry, they prefer to be called "scrapes".

"We want to be clear that this is not a data breach and no private LinkedIn member data was exposed. Our initial investigation has found that this data was scraped from LinkedIn..." -excerpt from LinkedIn memo

So this time, it appears to be another 700 million users. According to Restore Privacy, this batch of stolen data includes things like:

  • Email Addresses
  • Full names
  • Phone numbers
  • Physical addresses
  • Geolocation records
  • LinkedIn username and profile URL
  • Personal and professional experience/background
  • Genders
  • Other social media accounts and usernames

And it's all for sale on the Dark Web.

Let's think through how Phishing works...

A hacker's objective is to get someone (or multiple people) to fall for a Phishing email. This can be in the form of a malicious link, an infected attachment, a credential harvest or any number of strategies.

Since it costs virtually nothing to send an email, the hacker wants to send as many Phishing emails as possible.

So this cybercriminal needs a bunch of email addresses. (Check back to that list above, and yes, got those).

Next, the attacker would love to personalize the emails with a corresponding name attached to that scraped email address. (Hop back up to check that list, and yep, got that too!)

And let's see... perhaps leveraging some hometown data, workplace info or job title would be really helpful. (Again, looking at that list above, and BINGO!)

So what we're getting at is that it's irrelevant if it's a "breach" or a "scrape" if it means the attackers can more easily automate and streamline Phishing campaigns.

We've got some handy reports that show an organization's Web Exposure. Our Partners use these daily to illustrate real-time risks.

And hey, if you're an MSP and want to learn more, go check out how we work with Partners here. If you like what you see, book a time to chat!

Thanks for solid reporting from Restore Privacy.
[https://restoreprivacy.com/linkedin-data-leak-700-million-users/]

Joel Cahill

Cyber security enthusiast. Entrepreneur.