BleepingComputer reports that finance executives have been targeted with direct-message phishing intrusions via LinkedIn that sought to pilfer their Microsoft credentials.Attackers using LinkedIn sent phishing messages purporting to be invitations for executive board membership in the Common Wealth investment fund, with a link that triggered multiple redirects before ending up on a Firebase page masquerading as a "LinkedIn Cloud Share" portal that contained several documents pertinent to board membership, according to a Push Security analysis.Opening any of the documents prompts the appearance of a "View with Microsoft" button, which redirects to another domain that displayed a Cloudflare Turnstile CAPTCHA. Solving the CAPTCHA leads targets to a fraudulent Microsoft authentication page that aimed to collect not only credentials but also session cookies. Such findings come after LinkedIn was reported by Push Security to have been exploited to compromise technology executives."Attackers are getting smarter about where people actually communicate and how to effectively target them and defenders need to keep up," said Push Security Chief Product Officer Jacques Louw.
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds