“ways threat actors can operationalize their malicious campaigns via linkedin. these include : - phishing and spearphishing : by using information that linkedin users share on their profiles, they can tailor phishing campaigns to improve their success rate. - direct attacks : adve…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1566.003Spearphishing via Service
74%
“corporate it department is blind to what ’ s going on. although linkedin has some built - in security measures, there ’ s no guarantee that phishing, malware and spam messages won ’ t get through. and because of the credibility of the site, targets may be more likely to click thr…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1593.001Social Media
63%
“why linkedin is a hunting ground for threat actors – and how to protect yourself in november, britain ’ s security service began notifying members of parliament ( mps ) and their staff of an audacious foreign intelligence - gathering scheme. it claimed two profiles on linkedin we…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1566.002Spearphishing Link
52%
“delivered via dm links. the malware itself was hosted in the cloud. staying safe on linkedin as mentioned, the challenge with linkedin threats is that it ’ s difficult for it to get any real insight into how extensive the risk is to its employees, and what tactics are being used …”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1589.001Credentials
50%
“##stealers, credential stuffing and other techniques can be used to help threat actors takeover users ’ accounts. these can be used in follow - on attacks targeting their contacts. - supplier attacks : linkedin can also be trawled for details on partners of a targeted company, wh…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1684.001Impersonation
48%
“##stealers, credential stuffing and other techniques can be used to help threat actors takeover users ’ accounts. these can be used in follow - on attacks targeting their contacts. - supplier attacks : linkedin can also be trawled for details on partners of a targeted company, wh…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1593.001Social Media
45%
“? a few reasons stand out : - it ’ s a fantastic information resource : by digging into the site, threat actors can find out the roles and responsibilities of key individuals in a targeted company, including new joiners. they can also piece together a pretty accurate picture of t…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
Summary
The business social networking site is a vast, publicly accessible database of corporate information. Don’t believe everyone on the site is who they say they are.