b'messenger MIDWEST INSULATION CONTRACTORS ASSOCIATION7250 POE AVE., SUITE 410 - DAYTON, OH 45414 - micainsulation.orgVOLUME 57NO. 4 APRIL 2023 WHATS INSIDE THIS MONTH:CriminalsaresettingupnewLinkedInbusinessaccountsorusinghackedaccountstosendSlink LinkedIn Phishing links in a variety of scams. There are examples of Presidents MessageSlinks that point to fake IRS pages, Amazon logins, MICA Leadership/Board of Directorsand PayPal phishing pages. Generally, these attacks Industry SnapshotsITReconomicsare phishing for login credentials or personal infor-Total Construction Moves Higher in Februarymation and are dispersed through SMS text message, Save the Dateemail, and instant messenger.Board Meeting Legal ReportSlinksareaneffectivephishingtoolbecause National Safety Stand-DownTo Prevent FallsLinkedIn is widely viewed as a trustworthy site, so in Constructionspamfiltersareunlikelytoblockthelinks.OSHA Injury and Illness Recordkeeping andAdditionally, with many people working from home, Reporting Requirementsandlookingforremotework,thetacticcouldbe 5 Steps to Developing a Successful Businessusedinavarietyofattackvectors.EarlyintheMentoring Program pandemic, we reported on ways LinkedIn was being used to attack employees who were new to a remote job. The attackers posed as the new hires IT support and were able to steal business login credentials in the attack. LinkedIn is also used to scrape personal information LinkedIn Phishing fromusers.Thesitefacesadifficultbalanceofpublic information for the benefit of the jobseeker, HackersareusingLinkedIn andthatsameinformationbeingusedtotargetan businesstoolstocreate individual for an attack.convincingandlegitimateJack Gerbs, Quanexusphishinglinks.LinkedInhasaLike most phishing attacks, criminals use a sense of legitimatetoolthatallows urgency to try to get users to click the link. Be on the businesses to create LinkedIn URL links that link tolookoutforemailsthatlooklegitimateandcould anoutsidesite.Theselinkshavebeendeemedmake it through your spam filter using Linkedin.com SlinksbecausetheURLcodeusedincludestheastherootURL.Iftheemailortextmessageis word.Thegenericformatis threatening agrave consequence ifyou dont click https://www.linkedin.com/slink?code=followedbythe link right away, this should be a red flag to stop, numbers and letters. considerthesource,andcheckthelegitimacyinanother way. 1'