Users targeted in phishing scams after LinkedIn passwords breach
After the security breach where millions of LinkedIn passwords were stolen, LinkedIn users now face being targeted in phishing scams to confirm their e-mail address. Potentially, further phishing scams may appear providing links to reset your password.
E-mails have been sent, which appear to be from the social networking site, containing a link prompting users to confirm their e-mail address. However, clicking the link directs users to a counterfeit web site.
In their post published on their web site, LinkedIn have stated that they are sending genuine e-mails to their affected users with step-by-step instructions to receive password assistance. The genuine e-mail from LinkedIn does not contain any links. Once users request password assistance, they will receive a second e-mail from LinkedIn containing a link to reset their password.
Look out for signs of phishing
‘Phishing’ is a type of scam to trick people into believing the e-mail or web site is from the legitimate company that it appears to be from. You can protect yourself from these tricks by:
- check the address bar of the web site you are visiting – if you’re visiting LinkedIn, the address bar should start with http://www.linkedin.com/
- if you’re signing into a web site, or making an online purchase, the secure padlock should be visible on your web browser and the http:// part of the web site address should change to https://
- An up-to-date web browser will detect potential phishing scams and warn you before you proceed with the web site – make sure you have an updated version
- make sure your antivirus and anti-spyware software is up-to-date and working – if you need security software, you can download free security tools for Windows and for Mac
- check your operating system has the latest updates installed, like Windows Updates, or Software Updates for Mac users.