LinkedIn secretly scans for 6,000+ Chrome extensions, collects data
A new report dubbed “BrowserGate” warns that Microsoft’s LinkedIn is using hidden JavaScript scripts on its website to scan visitors’ browsers for installed extensions and collect device data. According to a report by Fairlinked e.V., which claims to be an association of commercial LinkedIn users, Microsoft’s platform injects JavaScript into user sessions that checks for thousands of […]
Convincing LinkedIn comment-reply tactic used in new phishing
Scammers are flooding LinkedIn posts this week with fake “reply” comments that appear to come from the platform itself, warning users of bogus policy violations and urging them to visit an external link. The messages convincingly impersonate LinkedIn branding and in some cases even use the company’s official lnkd.in URL shortener, making the phishing links harder […]
LinkedIn phishing targets finance execs with fake board invites
Hackers are abusing LinkedIn to target finance executives with direct-message phishing attacks that impersonate executive board invitations, aiming to steal their Microsoft credentials. The campaign was spotted by Push Security, which says it recently blocked one of these phishing attacks that began with a LinkedIn message containing a malicious link. GeekFeed has learned that these phishing […]
LinkedIn sues ProAPIs for using 1M fake accounts to scrape user data
LinkedIn has filed a lawsuit against Delaware company ProAPIs Inc. and its founder and CTO, Rehmat Alam, for allegedly scraping legitimate data through more than a million fake accounts. ProAPIs activity constitutes a violation of LinkedIn’s terms of service (ToS), based on which the company seeks to get the court’s approval for a permanent injunction, […]