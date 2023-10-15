Experts have identified a recent phishing campaign that specifically targets Microsoft account credentials, utilizing LinkedIn Smart Links topass email security measures and evade detection. Smart Links, which are part of LinkedIn’s Sales Navigator service, are typically used for marketing purposes allowing businesses to send content via email using special links that track user interactions.

Criminal hackers have been abusing this LinkedIn feature to conduct phishing attacks, and researchers have noted an increase in the abuse of Smart Links. In fact, more than 800 phishing emails covering various topics have led unsuspecting users to malicious websites. These attacks occurred between July and August 2023 and relied on 80 unique Smart Links originating from recently created or compromised LinkedIn business accounts.

Industries such as finance, manufacturing, energy, construction, and healthcare have been particularly impacted this campaign. The primary objective of the hackers was to gather as many credentials as possible. The phishing emails sent to victims employed subject lines related to payments, recruitment, documents, security alerts, and more. Clicking on an embedded link or button would trigger a series of redirects using LinkedIn Smart Links.

To add a perceived legitimacy to the event and give victims a false sense of security, the “smart links” contained the victim’s email address. Consequently, the phishing page automatically inserted this email into the login form, expecting the victim to only provide a password.

One notable aspect of this campaign is that the phishing pages resembled Microsoft account login pages, rather than having a custom design specific to a particular company. While this broadens the list of potential targets for hackers, it can also be alarming for individuals who are accustomed to unique portals provided their employers.

It is important for users to remain vigilant against phishing attempts and exercise caution when interacting with suspicious emails or clicking on unfamiliar links. Regularly updating passwords and enabling multi-factor authentication can significantly enhance account security.

Source: Red Hot Cyber editorial team.