Be wary of your next unsolicited LinkedIn connection – a study published by Websense lists ‘Invitation to connect on LinkedIn’ as the most commonly used in phishing attacks. While cyber threats have become more sophisticated, phishing – sending emails with malicious links or attachments – will continue to be a dominant strategy in 2014.
The reason such attacks are popular is that they’re fairly easy to carry out, and also effective. We often open an email when we see a subject line we recognize, even without looking at the sender or taking the time to check out other details. Security firm McAfee notes that while phishing is a global phenomenon, more and more threats are coming from the U.S. The one thing all attacks have in common? They’re looking for your personal information, as well as your bank information.
Here’s the list of subject lines most likely to be spear phishing attacks:
- Invitation to connect on LinkedIn
- Mail delivery failed: returning message to sender
- Dear <insert bank name here> Customer
- Comunicazione importante
- Undelivered Mail Returned to Sender
When it comes to a social networking site such as LinkedIn, I never open any connection requests directly from the site. Log-into your account to personally view and approve possible connections. Another important tip – for open social networking sites such as LinkedIn (where anyone, in any country can join), be wary of connecting with anyone you don’t know personally. I see fake profiles and false information every day.
For secure career networking, consider joining the Cleared Network – it’s free, and a secure, password protected networking option open only to cleared professionals and U.S.-based companies.