The common garden-variety phishing attack uses a technique some experts call
spray and pray. Fraudsters set up a clone of some sensitive site such as an online banking website and try to trick people into logging in. It doesn’t matter if 999 people are smart enough to spot and avoid the fraud. That one in a thousand who’s distracted or foolish enough to log in is pure gold to the fraudsters. With the captured login credentials, they have total power over the compromised account. The recent LinkedIn phishing attack was nothing at all like this.
Before its attempts to morph into a full-on social media site, LinkedIn focused almost entirely on making connections and finding jobs. That high-importance contact who wouldn’t respond to your emails might become more responsive after a personal introduction by a mutual friend. And putting your resume and experience on LinkedIn means people can find you to make connections or even job offers. That’s the expectation recent attacks ha