Linkedin Phishing Alert, AI Targets Inboxes, Ransomware Hits Sensata
Hello people! Hope you have managed to safeguard yourself from the clutches of threat actors. We are here again with our weekly dose of cyber news. Today, we will talk about the steep surge in instances of LinkedIn phishing scams. We will also explore how AI threat attack is no longer just a fantasy concept in a Hollywood movie. Lastly, we will focus on the recent ransomware attack on Sensata Technologies.
Are you all set to dive deeper into the details?
Here you go!
Job seekers, beware of LinkedIn phishing scams!
Are you actively looking for job opportunities on LinkedIn? Or do you rely on LinkedIn for freelance projects? If so, you need to see this!
LinkedIn is no longer a safe haven for professionals because threat actors have started exploiting this professional networking platform too. With a user base of a whopping 1 billion, LinkedIn tends to be a treasure trove of data for cyberattackers. While the USA tops the chart with 250 million users, India stands second with 150 million users.
Job seekers, as well as service providers, widely use LinkedIn for active work opportunities. This is where threat actors come in with their social engineering tactics. These cybercriminals often pose as decision makers or hiring managers of renowned organizations. They publish fake job postings and send out malicious DMs and emails. Their ultimate goal is to collect your sensitive data.
Such malicious emails often carry subject lines that create a sense of curiosity or panic. For example, “Account Suspended,” “LinkedIn profile security alert,” “You have 1 new message,” or “ You appeared in 4 searches this week” are some of the commonly used subject lines by cybercriminals. The moment you download any PDF, click on a malicious link, or even enter your credentials, know that there’s no looking back. As many as 52% of US businesses have already fallen prey to LinkedIn scams.
Experts recommend that users stay highly vigilant. Before opening any email, make sure the email address ends with @linkedin.com. Also, it is a smart move to hover over any link to find out where it will lead to eventually. You can also pay close attention to the profile details of the person who has approached you with any kind of work opportunity. Details like no profile picture, discrepancies in the experience section, newly created LinkedIn profile, etc., may hint towards potential phishing attempts.
Outlook, Gmail, and Apple mail users are being targeted for AI-backed threat attacks!
AI-backed phishing scams are no longer just a sci-fi fantasy concept! A recent blog shows how AI makes it convenient to carry out phishing scams. AI agents or operators are making the most out of AI LLMs. These semi-autonomous AI agents are now in a position to carry out phishing attacks with zero to minimal human intervention.
Experts believe that these AI operators are now capable of scanning different platforms, such as LinkedIn, to find the right targets, look for malicious email templates online, and come up with compelling emails. In all these, they will require no human assistance apart from the initial instructions.
For the past couple of years, experts have suggested that AI can make phishing attacks highly sophisticated. Now, finally, that prediction is coming true, and it is indeed a cause for concern.
This recent development is a staggering reminder that neither organizations nor individuals are safe. AI-driven phishing campaigns can easily evade conventional threat detection mechanisms. Cybersecurity experts urge users to bolster their cyber defense systems as well as re-evaluate their current security systems.
Sensata Technologies targeted by ransomware groups!
Last weekend, on Sunday, April 6, Sensata Technologies was targeted by a ransomware group. They encrypted a specific part of the company network, resulting in operational disruption. Because of the ransomware attack, business operations at Sensata have been hampered. Functions like shipping, manufacturing, receiving, etc, have been interrupted.
A sensor-solutions manufacturing company, Sensata Technologies, took immediate mitigation steps to restore its business operations. But they are still not sure when the systems will be completely restored. Sensata has been working closely with external cybersecurity experts to investigate the ransomware attack. The initial investigation suggests that threat actors managed to gain unauthorized access to the company network, thereby exfiltrating data from the organization’s network.
Cybersecurity experts urge strengthening DMARC, DKIM, and SPF as Sensata Technologies falls victim to ransomware groups.
Sensata is still trying to figure out the exact data files that have been wiped by the ransomware group. Once they have complete clarity, Sensata will inform the affected stakeholders.
As of now, Sensata is hopeful of zero material impact on its finances. But they are waiting to identify the full scope as well as the final impact of the ransomware attack.
Also, so far, no ransomware group has yet claimed responsibility for the attack on Sensata Technologies.
