Dan Goodin on Nostr: Anybody know what's behind all the unsoliticited emails being sent to LinkedIn users? ...
Anybody know what's behind all the unsoliticited emails being sent to LinkedIn users? They include a one-time link to log in. They all come from an IP address geolocated to Kentucky. When using a browser not authenticated to a LinkedIn account, clicking the link leads to a genuine LinkedIn page. Anybody know what would happen if the browser was authenticated to the account of the person receiving the email? Lots of people from all over the world have been receiving emails just like the one below, a thread on Reddit shows.
https://www.reddit.com/r/linkedin/comments/193atde/getting_instant_signin_links_from_legit_linkedin/ 
Published at
2024-01-30 23:31:45Event JSON
{
"id": "359e186bc218f410802f1afc63e9400de976cdf40934631bd26831c4e8d4c0a5",
"pubkey": "213fab2c986489bc5cb7208142003791cb6efd20dae0ec4832d87d0d7b70d20b",
"created_at": 1706657505,
"kind": 1,
"tags": [
[
"proxy",
"https://infosec.exchange/users/dangoodin/statuses/111847506252793407",
"activitypub"
]
],
"content": "Anybody know what's behind all the unsoliticited emails being sent to LinkedIn users? They include a one-time link to log in. They all come from an IP address geolocated to Kentucky. When using a browser not authenticated to a LinkedIn account, clicking the link leads to a genuine LinkedIn page. Anybody know what would happen if the browser was authenticated to the account of the person receiving the email? Lots of people from all over the world have been receiving emails just like the one below, a thread on Reddit shows. \n\nhttps://www.reddit.com/r/linkedin/comments/193atde/getting_instant_signin_links_from_legit_linkedin/\n\nhttps://media.infosec.exchange/infosec.exchange/media_attachments/files/111/847/488/473/640/968/original/2715dc38542af8e4.jpg",
"sig": "7d1ce9cea5cc694bb6464e76f5641849c5501b339cff469ca56e7b18d73c70c7f5da6aefa3c135fa3fabb25d04bc683ba715fd4a1aabc1612c95be255ac7c085"
}
