---
title: "Global Amazon Threats,  LinkedIn Attack Hotspot, Ledger Breach Safety, Cybersecurity News [January 9, 2025] | DuoCircle"
description: "Last week was replete with unfortunate phishing mishaps. Here are the top cyber incidents that we have covered for you to keep you updated."
image: "https://www.duocircle.com/images/og-default.png"
canonical: "https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-2-of-2026/"
---

Quick Answer

Cybersecurity stories from the week of January 9, 2025: Amazon customers faced a wave of fake order-confirmation, refund, and account-suspension phishing emails and SMS messages worldwide, designed to harvest credentials and payment details. LinkedIn became a more frequent attack surface, with adversaries running fake recruiter profiles and InMail-based phishing to deliver malware and credential-theft pages. Hardware-wallet maker Ledger faced renewed customer-data abuse stemming from its 2020 breach, with phishing campaigns and physical extortion mailers reaching affected customers. Attackers impersonated Google Support to coax users into approving suspicious sign-in prompts. And Cisco disclosed a switch reboot bug affecting Catalyst devices that could disrupt enterprise networks until patched.

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=undefined%2Fblog%2Fannouncements%2Fcyber-security-news-update-week-2-of-2026%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Global%20Amazon%20Threats%2C%20%20LinkedIn%20Attack%20Hotspot%2C%20Ledger%20Breach%20Safety%2C%20Cybersecurity%20News%20%5BJanuary%209%2C%202025%5D&url=undefined%2Fblog%2Fannouncements%2Fcyber-security-news-update-week-2-of-2026%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=undefined%2Fblog%2Fannouncements%2Fcyber-security-news-update-week-2-of-2026%2F "Share on Facebook") [ ](https://reddit.com/submit?url=undefined%2Fblog%2Fannouncements%2Fcyber-security-news-update-week-2-of-2026%2F&title=Global%20Amazon%20Threats%2C%20%20LinkedIn%20Attack%20Hotspot%2C%20Ledger%20Breach%20Safety%2C%20Cybersecurity%20News%20%5BJanuary%209%2C%202025%5D "Share on Reddit") [ ](mailto:?subject=Global%20Amazon%20Threats%2C%20%20LinkedIn%20Attack%20Hotspot%2C%20Ledger%20Breach%20Safety%2C%20Cybersecurity%20News%20%5BJanuary%209%2C%202025%5D&body=Check out this article: undefined%2Fblog%2Fannouncements%2Fcyber-security-news-update-week-2-of-2026%2F "Share via Email") 

![cybersecurity news](https://media.mailhop.org/duocircle/images/2026/01/email-smtp-service-7865.jpg) 

Last week was replete with unfortunate phishing mishaps. Here are the top [cyber incidents](https://www.csis.org/programs/strategic-technologies-program/significant-cyber-incidents) that we have covered for you to keep you updated. While Amazon, the e-commerce giant, is being targeted by phishing actors, left, right, and center, LinkedIn is also becoming a popular playground for [cybercrooks](https://www.bitdefender.com/en-us/blog/hotforsecurity/cyber-crooks-steal-180000-from-small-business-via-advanced-persistent-threat). The **crypto community** is already in shock because of the Ledger customer data breach incident. Meanwhile, a highly sophisticated campaign is targeting the user credentials by impersonating Google Support.

## Amazon users around the globe are prone to threat attacks!

Threat attacks on Amazon have surged since Christmas 2025\. Even the New Year could bring no relief. According to Darktrace, **Amazon accounts** for almost [80%](https://www.forbes.com/sites/zakdoffman/2026/01/07/new-amazon-attacks-have-started-do-not-update-your-account/) of phishing attacks. _Amazon users around the world are receiving daily piles of emails asking them to update or verify their Amazon account details_. The latest campaign is designed to target Apple users specifically. 

[![phishing threat](https://media.mailhop.org/duocircle/images/2026/01/phishing-attack.jpg)](https://media.mailhop.org/duocircle/images/2026/01/phishing-attack.jpg)

It says, “following a New Year system update, [iCloud has started routine security verification](https://us.norton.com/blog/account-safety/is-icloud-safe) to protect accounts from unusual sign-ins, **unfamiliar devices**, and outdated login details.” The same message instructs the Apple user to click on the “Update Account” button. When the victim clicks on the legitimate-looking, yellowish Update Account Information button, they get redirected to a [malicious sign-in page](https://www.forbes.com/sites/zakdoffman/2026/01/07/new-amazon-attacks-have-started-do-not-update-your-account/). This page has been designed to extract security credentials. 

[Cybersecurity](/) experts have **urged Amazon users** to avoid updating their accounts at any cost. Also, it is advised to review the user guidance Amazon provides to help users avoid such phishing scams. 

Experts state that AI has made it easy for threat actors to create “pixel-perfect” clones of **renowned brands**, which they use to [target unsuspecting users](https://local12.com/news/consumer-alerts/tech-support-scams-target-unsuspecting-users-with-fake-alerts-calls-microsoft-google-apple-calls-texts-messages-scammers-ip-address-popup-banking-computer). They have urged users to avoid signing in to any account via links in SMS or email. _Using the official website or the app is a smart and well-informed move in such situations._ 

[![threat protection](https://media.mailhop.org/duocircle/images/2026/01/threat-actor-linkedin.jpg)](https://media.mailhop.org/duocircle/images/2026/01/threat-actor-linkedin.jpg)

## LinkedIn is increasingly becoming a top pick among threat actors!

Phishing tactics have evolved tremendously in the past couple of years. The latest trends show that phishing actors are now choosing social media apps like LinkedIn to fulfil **malicious intentions**. In fact, [1 out of every 3 phishing attempts](https://www.pandasecurity.com/en/mediacenter/why-attackers-are-phishing-on-linkedin-and-how-to-stop-it/) takes place outside email inboxes. 

LinkedIn is gradually becoming a popular choice among [phishing actors](https://www.linkedin.com/posts/smoinuddin%5F5-reasons-why-attackers-are-phishing-over-activity-7393993221091000320-CBKD) because the **platform provides convenient**, straightforward access to top decision-makers. It is equally easy to get in touch with the employees of any specific company that the cybercrooks may be targeting. Those associated with platforms like [Google Workspace](https://guardz.com/blog/the-new-front-line-identity-threats-targeting-google-workspace-in-2025/) and Microsoft Entra are being targeted specifically. The idea is to zero in on a couple of companies and enterprises where the response action, logging, and visibility systems are evidently weak. 

LinkedIn phishing is a considerably safe action plan for [threat actors](/email-security/threat-actors-abuse-linkedins-smart-links-in-evasive-email-phishing-attacks/) as the platform helps them bypass conventional security tools conveniently. _Besides, LinkedIn phishing is cheaper and scalable as compared to other forms of phishing_. Also, because of the inherent nature of the platform, any **unsolicited message** in your DMs does not seem suspicious.

[![cyber threat](https://media.mailhop.org/duocircle/images/2026/01/phishing-info.jpg)](https://media.mailhop.org/duocircle/images/2026/01/phishing-info.jpg)

Cybersecurity experts have urged LinkedIn users to treat every DM, message, and connection request as vigilantly as they would with **regular emails**. Enabling [Multi-Factor Authentication](https://www.cybermaxx.com/resources/multi-factor-authentication-the-key-to-stronger-cybersecurity/) is also advisable to minimize the effect of stolen passwords. 

## Ledger customer data breach- how to stay safe and secure as a customer

Ledger is a well-known brand among crypto enthusiasts. This Monday, the hardware wallet manufacturer confirmed that during a recent [data breach](/announcements/cyber-security-news-update-week-33-of-2025/) incident, customer data was compromised. Ledger has claimed that the cyber mishap took place because of Global-e, its third-party **e-commerce partner**.

[![data protection](https://media.mailhop.org/duocircle/images/2026/01/data-breach-ledger.jpg)](https://media.mailhop.org/duocircle/images/2026/01/data-breach-ledger.jpg)

Because of the cyber incident, [personal data](https://www.brightdefense.com/news/ledger-breach/) like contact details and names of users have been compromised. However, Ledger has claimed that phishing actors could not access payment details, private keys, or **wallet funds**. 

Users have already started witnessing a sudden spike in scam and [phishing attempts](https://www.cointribune.com/en/ledger-users-hit-by-phishing-scam-after-global-e-data-breach-exposes-order-information/). _The threat actors are trying to impersonate_ **_Global-e support_** _or Ledger to trick users into sharing sensitive data._

Experts believe that whether or not your [Ledger data has been leaked](https://www.certik.com/resources/blog/lessons-from-the-ledger-data-leak-how-to-secure-your-crypto), you can still fall prey to a phishing attempt if you happen to own a **Ledger hardware wallet**.

## Cybercrooks posing as the Google Support team to gain access to user credentials

[![cyber threat](https://media.mailhop.org/duocircle/images/2026/01/cybercrooks-google-support.jpg)](https://media.mailhop.org/duocircle/images/2026/01/cybercrooks-google-support.jpg)

A whole new, high-end phishing campaign has been doing the rounds. The campaign involves threat actors posing as **Google Support team members**. The cybercrooks have strategically blended [spoofed domains](https://teamwin.in/new-sophisticated-phishing-attack-mimic-as-google-support-to-steal-logins/), vishing, and Google’s own infrastructure to gain credibility and higher success rates. 

First, they connect over calls and use vishing and mimic Google Support executives. Next, they share a malicious link in follow-up emails to further gain the trust of the victim. The biggest concern is that cyberattackers are exploiting [Google Cloud Application Integration services](https://www.securitymagazine.com/articles/102066-google-cloud-service-exploited-in-new-phishing-campaign) rather than using a false domain. When a victim clicks a malicious link, they are redirected to pages that can display fake **CAPTCHA verification screens**. 

## Cisco switch reboot issue

_Cisco networking switches from several product lines, including CBS250, CBS350, SG350/550X, and Catalyst 1200/1300, have been caught in continuous reboot loops due to a DNS client bug, disrupting_ **_networks globally_**. The problem began around the same time across multiple systems, with affected devices logging fatal [DNS lookup errors](/content/spf-too-many-dns-lookups/spf-compression), such as failing to resolve or time servers, and then rebooting every few minutes.

[![phishing attack](https://media.mailhop.org/duocircle/images/2026/01/malicious-link.jpg)](https://media.mailhop.org/duocircle/images/2026/01/malicious-link.jpg)

Administrators found temporary workarounds by disabling [DNS resolution](https://www.bleepingcomputer.com/news/security/cisco-switches-hit-by-reboot-loops-due-to-dns-client-bug/), turning off time sync (SNTP), or blocking outbound internet access from [switch management interfaces](https://www.sdxcentral.com/news/cisco-sees-duo-of-trouble-in-switches-and-network-access-control/), which helped stabilize devices. Cisco acknowledged the issue privately to some customers, noting it affects small-business-series switches, and said changes in upstream **CDN behavior** were recently rolled back, reducing the immediate impact.

## Topics

cyber securityemail securityNewsSecurity 

![Brad Slavin](https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg) 

Brad Slavin 

General Manager

General Manager at DuoCircle. Product strategy and commercial lead across the email security portfolio.

## Secure your email infrastructure

Protect, authenticate, and deliver. Contact our team to find the right solution.

[Contact Sales](/contact/) [Explore Products](/products/) 

## Related Articles

[  News 4m  Cambodia Targets Cybercriminals, Traditional Security Insufficient, AI Against Phishing, Cybersecurity News \[March 09, 2026\]  Mar 16, 2026 ](/blog/announcements/cyber-security-news-update-week-11-of-2026/)[  News 6m  Lazarus Infects NPM, MassJacker Steals Crypto, CISA Alerts Ivanti, Cybersecurity News \[March 10, 2025\]  Mar 17, 2025 ](/blog/announcements/cyber-security-news-update-week-12-of-2025/)[  News 6m  RedCurl Ransomware Targets, CS2 Steam Phishing, Fake Converter Cyberattacks , Cybersecurity News \[March 24, 2025\]  Apr 1, 2025 ](/blog/announcements/cyber-security-news-update-week-14-of-2025/)[  News 5m  Essential Check Secures, Prevention Beats Recovery, Treasury Cyber Breach- Cybersecurity News \[December 30, 2024\]  Jan 6, 2025 ](/blog/announcements/cyber-security-news-update-week-2-of-2025/)

```json
{"@context":"https://schema.org","@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}],"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://www.g2.com/products/phish-protection-by-duocircle/reviews","https://github.com/duocircle","https://www.crunchbase.com/organization/duocircle-llc"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://support.duocircle.com"},"knowsAbout":["Email Security","Email Authentication","SPF","DKIM","DMARC","Phishing Protection","Spam Filtering","SMTP Relay","Email Deliverability","Email Forwarding"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"DuoCircle LLC","url":"https://www.duocircle.com","description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}
```

```json
[{"@context":"https://schema.org","@type":"BlogPosting","headline":"Global Amazon Threats,  LinkedIn Attack Hotspot, Ledger Breach Safety, Cybersecurity News [January 9, 2025]","description":"Last week was replete with unfortunate phishing mishaps. Here are the top cyber incidents that we have covered for you to keep you updated.","url":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-2-of-2026/","datePublished":"2026-01-12T19:58:49.000Z","dateModified":"2026-01-13T13:43:38.000Z","dateCreated":"2026-01-12T19:58:49.000Z","author":{"@type":"Person","@id":"https://www.duocircle.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://www.duocircle.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin runs DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. His focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-2-of-2026/"},"articleSection":"announcements","keywords":"cyber security, email security, News, Security","wordCount":919,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/duocircle/images/2026/01/email-smtp-service-7865.jpg","caption":"cybersecurity news","width":900,"height":600},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}},{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Blog","item":"https://www.duocircle.com/blog/"},{"@type":"ListItem","position":2,"name":"News"},{"@type":"ListItem","position":3,"name":"Global Amazon Threats,  LinkedIn Attack Hotspot, Ledger Breach Safety, Cybersecurity News [January 9, 2025]","item":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-2-of-2026/"}]}]
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://www.duocircle.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://www.duocircle.com/blog/"},{"@type":"ListItem","position":3,"name":"News","item":"https://www.duocircle.comundefined"},{"@type":"ListItem","position":4,"name":"Global Amazon Threats,  LinkedIn Attack Hotspot, Ledger Breach Safety, Cybersecurity News [January 9, 2025]","item":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-2-of-2026/"}]}
```

```json
{"@context":"https://schema.org","@type":"BlogPosting","headline":"Global Amazon Threats,  LinkedIn Attack Hotspot, Ledger Breach Safety, Cybersecurity News [January 9, 2025]","description":"Last week was replete with unfortunate phishing mishaps. Here are the top cyber incidents that we have covered for you to keep you updated.","url":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-2-of-2026/","datePublished":"2026-01-12T19:58:49.000Z","dateModified":"2026-01-13T13:43:38.000Z","dateCreated":"2026-01-12T19:58:49.000Z","author":{"@type":"Person","@id":"https://www.duocircle.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://www.duocircle.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin runs DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. His focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-2-of-2026/"},"articleSection":"announcements","keywords":"cyber security, email security, News, Security","wordCount":919,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/duocircle/images/2026/01/email-smtp-service-7865.jpg","caption":"cybersecurity news","width":900,"height":600},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}
```