Phishing Attack On LinkedIn Users With HTML Attachment

LinkedIn users have become the target of a phishing attack that through html files attempting to steal credentials. The email has the subject "LinkedIn Alert" and argues that there is a mandatory security update is necessary due to unusual activity.

LinkedIn phishing email

For this check is sent an html file. When users open the file, they get to see a copy of the real LinkedIn site. However, the code has been modified so that users via the HTML page to try to log their data forwarding to the attackers, warns anti-virus company Symantec. The IT security advises users to turn on two-factor authentication. Even if the credentials are stolen an attacker can therefore not on the account login.