Security researcher JB Bowers alerts the user about the phishers trying to deceive users into opening a LinkedIn Private Shared Document and entering their login credentials into a bogus LinkedIn login page.
The phishing message is delivered by LinkedIn’s internal messaging system and seems like it has been sent by one of the victim’s connections. The message drives the recipient to follow a third-party link to view a document.
If recipients fail to find this suspicious, they’ll be redirected to a convincingly tricked LinkedIn login page. Besides, if they enter their login credentials, their account will possibly be sending out phishing messages to their contacts.
To Read More: Help Net Security