Date: 2023-10-11

Summary: Hackers have once again leveraged LinkedIn Smart Links in phishing attacks to bypass email protections and steal Microsoft account credentials. Smart Links are part of LinkedIn’s Sales Navigator service and are used for marketing and tracking. These links allow Business accounts to email content with trackable links to determine engagement. The eight-character code parameter in the Smart Links makes them appear trustworthy and aids in evading email security measures.

A recent campaign discovered by cybersecurity firm Cofense reveals a surge in LinkedIn Smart Link abuse. The campaign, which took place between July and August 2023, utilized over 800 emails with various subjects to target a wide range of individuals and organizations. The Smart Links used in these attacks originated from newly created or compromised LinkedIn business accounts. Cofense data shows that the most targeted sectors in this campaign were finance, manufacturing, energy, construction, and healthcare.

The phishing emails sent to targets used subjects such as payments, human resources, documents, and security notifications. These emails contained embedded links or buttons that redirected victims to the phishing pages. To add credibility to the phishing process, the Smart Links sent to victims were adjusted to contain their email addresses. This technique created a false sense of authenticity on the Microsoft login page.
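A defender-side check for the personalisation described above, added here as an example and not taken from Cofense or LinkedIn: it flags Smart Links in an email body that also embed the recipient's address. The `/slink?code=` URL shape, the encodings checked (plain, percent-encoded, base64) and every sample URL are assumptions or constructed values.

```python
import base64
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Assumption: Smart Links look like https://www.linkedin.com/slink?code=<8 chars>.
SMART_LINK_HOSTS = {"linkedin.com", "www.linkedin.com"}
CODE_RE = re.compile(r"[A-Za-z0-9_-]{8}")
URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.IGNORECASE)
B64_RE = re.compile(r"[A-Za-z0-9+/_-]{8,}")

def is_smart_link(url):
    """True for a LinkedIn URL on the /slink path with an eight-character code."""
    parts = urlsplit(url)
    if (parts.hostname or "").lower() not in SMART_LINK_HOSTS:
        return False  # rejects lookalikes such as linkedin.com.example.net
    codes = parse_qs(parts.query).get("code", [])
    return parts.path.rstrip("/") == "/slink" and any(CODE_RE.fullmatch(c) for c in codes)

def carries_recipient(url, recipient):
    """True if the URL embeds the recipient address: plain, percent-encoded or base64."""
    rcpt = recipient.lower()
    decoded = unquote(url)
    if rcpt in decoded.lower():
        return True
    for token in B64_RE.findall(decoded):
        try:
            raw = base64.urlsafe_b64decode(token + "=" * (-len(token) % 4))
        except ValueError:  # token is not valid base64
            continue
        if rcpt in raw.decode("utf-8", "ignore").lower():
            return True
    return False

def flag_smart_links(body, recipient):
    """Return the Smart Links in an email body that are personalised to its recipient."""
    return [u for u in URL_RE.findall(body)
            if is_smart_link(u) and carries_recipient(u, recipient)]

# Constructed sample input: none of these URLs come from the campaign.
RCPT = "user@example.com"
B64 = base64.b64encode(RCPT.encode()).decode()
SAMPLE_BODY = f"""Your document is ready:
https://www.linkedin.com/slink?code=Qw3rTy7u
https://www.linkedin.com/slink?code=Zx9yQ2Lm#{B64}
https://www.linkedin.com/slink?code=Ab3dE6gH&e=user%40example.com
https://linkedin.com.example.net/slink?code=Qw3rTy7u#{RCPT}
"""
```

`flag_smart_links(SAMPLE_BODY, RCPT)` returns the second and third URLs: the first is an ordinary Smart Link with no recipient data, and the fourth is not on a LinkedIn host.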

The phishing pages resembled standard Microsoft login portals instead of customized designs specific to the targeted companies. While this strategy broadened the range of potential victims, it may deter individuals who are familiar with their employer’s unique login portals.

This campaign highlights the importance of not relying solely on email security tools for protection. Phishing actors are increasingly using tactics that abuse legitimate services to bypass these security measures. Users should be educated about these threats and adopt additional security measures to safeguard their credentials and personal information.

Definitions:

– Smart Links: Trackable links used in LinkedIn’s Sales Navigator service for marketing and tracking engagement.

– Phishing: A fraudulent activity in which attackers pose as trustworthy entities to deceive individuals and trick them into revealing sensitive information.

– Email Security Tools: Software or services designed to protect against email-based threats, such as spam, malware, and phishing attacks.

