We see lots of phishing attempts for email credentials. This one is slightly different than many others and much more involved and complicated. The email has a link to a site which contains a data:text base64 encoded content. data:text urls are dangerous and recently Internet Explorer and Google Chrome have stopped displaying the urls or the content from them. That leaves Firefox as the only commonly used browser that is vulnerable to this sort of attack. All the sites involved in this phishing scam look like compromised WordPress sites.
They use email addresses and subjects that will entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium size businesses, with the hope of getting a better response than they do from consumers.
These phishing emails do not come from LinkedIn. They are not sending the emails to you. They are just innocent victims in exactly the same way as every recipient of these emails.
To read the original article: