LinkedIn-themed phishing abuses Adobe’s A/B testing platform

A phishing campaign sends seemingly legitimate LinkedIn business emails with double-extension attachments (HTML disguised as PDF). When opened, the attachment shows a heavily obfuscated, personalized fake LinkedIn login page; credentials entered are exfiltrated to attacker servers while the user is redirected to the real LinkedIn. The attackers also abuse Adobe Target (omtrdc.net) to make traffic appear trusted and to track victim interactions. Users are advised to enable MFA, avoid opening unsolicited attachments, and access accounts via official sites or bookmarks.