I got this in my mailbox this morning:
Subject: Support alert!
From: "LinkedIn Support" <[email protected]>
Date: Mon, June 8, 2015 2:46 pm
Hello [email protected]
It's very important you get verified.
Pleaseclickhere. [dangerous Link deleted]
LinkedIn Security Team
This message is sent to [email protected]
This message screams "spam / scam" to all of us, yet you'd be surprised to see how many people clicked on it, and their geographic distribution. Because the scammer hided itself behind a bit.ly redirect URL, all of us can track the stats of his campaign:
As you see, there is a lot of clicks, and almost from US exclusively. You would wonder: are these guys using data science to deliver their spam? Companies that I am familiar with would typically pay above $20,000 to get that kind of email performance. Those who do a better job at hiding the bad links and fake sender, would probably get even more traffic. Assuming their click rate is 0.1%, they must have sent their email to 1,000,000 people, with 88% of the recipients in US. Based on the stats below, I suspect Chinese hackers might be involved. It is very unusual to see China as the top non-Western country.
Geographic distribution of those who clicked (and most likely, got infected):
Here's the click distribution over time:
And bit.ly flagged this link as suspicious, last time I checked:
Note: bit.ly stats might be inflated, especially from traffic originating from an email blast.