Phishers exploit Adobe A/B testing tool in LinkedIn scam
▼ Summary
– A phishing campaign targets professionals using fake LinkedIn business emails.
– The attack abuses a trusted Adobe service to appear legitimate.
– The email initially resembles a routine LinkedIn notification or business message.
A sophisticated phishing campaign is currently targeting professionals by sending fraudulent emails that appear to originate from LinkedIn, while simultaneously exploiting a legitimate Adobe A/B testing tool to bypass security filters. The attack chain begins when the recipient receives a message that, upon initial inspection, closely resembles an official LinkedIn business notification. However, the email is entirely fake.
The Adobe service at the center of this scheme is its A/B testing platform, which allows marketers to experiment with different email versions. Cybercriminals have co-opted this trusted infrastructure to host malicious content and evade detection by email security systems. Because the emails are routed through Adobe’s own servers, they often pass through spam filters and land directly in the victim’s inbox.
Once the victim engages with the email, typically by clicking a link or downloading an attachment, they are redirected to a convincing but fraudulent LinkedIn login page. This page is designed to capture credentials, including usernames and passwords. In some variations, the attack may also attempt to harvest additional personal or professional information.
Security researchers have noted that the use of a trusted third-party service like Adobe’s helps the phishing emails appear more legitimate to both automated scanners and human readers. The attackers have carefully crafted the messages to mimic the tone and branding of real LinkedIn correspondence, making them particularly dangerous for busy professionals who might not scrutinize every email.
To protect against this threat, experts recommend enabling multi-factor authentication on all LinkedIn accounts, carefully inspecting email sender addresses for subtle discrepancies, and avoiding clicking links in unsolicited messages. Organizations should also consider updating their email security policies to flag or block emails routed through third-party marketing tools unless explicitly whitelisted.
This campaign underscores a growing trend among cybercriminals: abusing legitimate business tools to lend credibility to their attacks. As more companies rely on platforms like Adobe for marketing and analytics, the potential for similar exploits will likely increase.
(Source: Help Net Security)
