Professionals belonging to LinkedIn are on alert following a warning about phishing emails claiming to come from the online business network.
Computer security experts Symantec are warning the sophisticated emails avoid spam filters by simply changing the spelling of LinkedIn to ‘Linkedin’.
A link attached to the email opens a spoof web site page when clicked that is a clone of the real LinkedIn web site and invites readers to login to their account.
Symantec warns the web page collects their login name and password and sends the information to crooks who can then control the page and access the user account to steal financial and personal information.
LinkedIn is an international social media network for professionals used by thousands of expat workers to promote their CVs and businesses.
Symantec has published the text of the email, which reads like this: “Your LinkedIn account is subject to a compulsory update due to irregular activity. Login may be denied if we believe your account has been compromised.”
British police are warning LinkedIn users not to fall for the scam emails.
Anyone receiving the phishing email should not click on the link and should delete the email immediately.
Security expert Graham Cluley explained the risks to LinkedIn account holders.
“Once a fraudster has control than can pose as you or a member of your organisation to exploit personal and business relationships within your network,” he said.
“Your contacts are more likely to trust a message that comes with your profile attached rather than an unidentified message arriving in their inbox.”
Cluley explains that adopting LinkedIn’s two-step verification adds an extra layer of security to an online account which stops someone logging into the platform without access to a mobile phone.
The process involves sending a verification code to the account user’s phone.
LinkedIn is a regular target for hackers and phishers who view the site as an information stealing resource for compromising online businesses.
The site has millions of accounts worldwide.
Previously, internet security firms have warned users to watch out for fake invitations to join networks within the portal that hide links to phishing sites.
In 2012, a major security compromise was thought to involve the theft of 6 million account passwords by hackers in Russia.