(The Hosting News) – Following the massive data breach that succeeded in leaking possibly millions of LinkedIn user passwords, scammers are coming out of the wordwork to take advantage of unsuspecting victims.
According to a BBC report, a sent message to various email account owners asks that users confirm their email addresses by clicking on a link purported to belong to LinkedIn. However, it really doesn’t lead to the business social site. It’s a phishing scam deployed by scammers. Instead, counterfeit drugs are contained in the misleading link.
TheVerge.com reported on Wednesday that hackers had leaked 6.46 million hashed passwords and boasted about the breach via a Russian web forum. LinkedIn initially said it was unable to confirm the matter but later did, adding extra security for affected accounts.
While the social network is sending users affected in the breach emails with how to secure their LinkedIn profiles, those emails are drastically different than the ones pushes by online phishers. LinkedIn’s official emails actually contain no links, an obvious difference from the fake ones.
LinkedIn users trying to log in in with old passwords leaked in the breach won’t be able to do so. Instead, they’ll be directed to request password assistance from the company. Once that step is complete, they’ll be able to perform a reset.
“It is worth noting that the affected members who update their passwords and members whose passwords have not been compromised benefit from the enhanced security we just recently put in place, which includes hashing and salting of our current password databases,” LinkedIn Director Vicente Silveira said in a company blog post regarding the matter. Despite many headlines primarily naming LinkedIn, it wasn’t the only company affected by the breach. Passwords were also taken from online dating website eHarmony.