A mysterious fake profile is behind a threatening phishing attack on LinkedIn

Last updated: August 11, 2017

Social media networks are essential to people’s communications as they help them to keep in touch, share best moments in their lives and even gain employment.

When you read about the latest phishing attack on one of the social networks which is in the mainstream at present, you will be definitely impressed.


What’s the hitch?

What is meant here is that a fake profile created on LinkedIn and other popular networks, including Facebook, lures internet users for grabbing their sensitive information. If you encounter this fake profile of an imaginary person Mia Ash, by name, do not befriend with the account, otherwise, you’ll fall victim to the fraudsters that are behind it.

According to the recent observations of SecureWorks® Counter Threat Unit™ the fictitious LinkedIn account is the following:

If the victim lets connections with the non-existing Mia Ash, he or she receives a phishing e-mail with a malicious link leading to the Word or Excel document.

When the targeted victim follows the link, the computer gets infected with a Trojan virus. The fraudsters are able to damage the person’s computer and the data kept on it by means of this malware.


It is said that the cyber hackers are from COBALT GYPSY, a threat group associated with Iranian government-directed virtual operations. Unfortunately, it is not the first time of attacking by the abovementioned hackers.


How to avoid falling victim to phishing attacks?

The most reliable way to protect yourself against scams will be not to befriend online with people that you do not know in actual life. Besides, it is vital to recognize so-called scams on the network. Keep on reading and you’ll know how to prevent negatives outcomes because of phishing attacks:

Firstly, create unique sophisticated passwords for numerous accounts on the network. It is an unforgivable mistake to apply one password for different websites. Once you are compromised on one of them, you are susceptible to get into trouble again.

Secondly, never enable macros, in case you get an e-mail with Word or Excel documents. The best decision will be not to open and delete it.

Thirdly, do not provide the details of your workplace. Hackers can misuse the information for targeting certain groups.

Fourthly, scan for grammar mistakes and typos as scam letters often contain them. These are alarming signs to identify potential phishing attacks.

Finally, always perform safe VPN-protected internet connections. You need it for encrypting all traffic transferred on the network which will enforce your cybersecurity. Moreover, you’ll be able to feel more private online as your true IP is masked from other netizens.


It is also necessary to teach your children how to recognize scams. You can read our additional material on the topic here.

Stay safe online and keep your privacy on the web!