LinkedIn Hack is Scraped Data, Company Claims
A hacker who recently offered 700 million LinkedIn records for sale alarmed LinkedIn users and security specialists, but the company insists the data is linked to previously reported scraped data and wasn’t hacked.
The RaidForums post offering the data included a sample users’ full names, genders, birthdates, LinkedIn user names, Facebook user names, Twitter user names, GitHub user names, email addresses, phone numbers, job titles, and full company information.
PrivacySharks’ Madeleine Hodson, the first to report the new leak, noted that while it appears simply to be a “cumulation of data from previous leaks,” that data could still include private as well as public information. What’s more, Hodson observed, the email addresses and phone numbers in the leak can easily be leveraged for email or phone scams, spam campaigns, and identity theft.
Attackers are sending messages disguised as offers from meal-kit services, like HelloFresh.
Attackers are piggybacking off the booming market for meal-kit delivery services since the pandemic, and sending SMS phishing messages doctored up to look like they’re legitimate correspondence from popular brand names including HelloFresh and Gousto.
This is just another example of why the world cannot have nice things.
Researchers at Tessian discovered the meal-kit phishing campaigns and said there are many versions of the phishing pitch. Some are received through SMS, others through WhatsApp. Some ask customers to rate their experience to enter a prize. The messages run the gamut in terms of sophistication from very convincing, to an example Tessian called “easy to spot,” which is riddled with spelling errors.