Email security provider Cofense has recently discovered a new phishing campaign that deployed over 800 emails and leveraged LinkedIn Smart Links. The campaign, which was active between July and August 2023, targeted users across various industries using subject themes like financial, document, security, and general notifications.

The primary targets of this campaign were found to be the financial, manufacturing, and energy sectors. According to Cofense, the goal of the campaign was to collect as many credentials as possible using LinkedIn business accounts and Smart Links.

LinkedIn Smart Links, also known as slinks, are used by LinkedIn business accounts to deliver content and track user engagement through LinkedIn Sales Navigator. These links typically consist of the LinkedIn domain followed by an eight-character alphanumeric ID. Malicious Smart Links, however, can carry additional information, such as an obfuscated victim email address.

The use of Smart Links allows threat actors to bypass secure email gateways and other email security suites, because the links appear to originate from a trusted domain. The discovery of such a large number of Smart Links-based phishing messages indicates that the associated accounts are either newly created or previously compromised LinkedIn business accounts.

When a user clicks a malicious Smart Link embedded in an email, a series of redirects leads them to a phishing page. The phishing kit then uses the victim's email address attached to the Smart Link to pre-fill a fake form that mimics a legitimate Microsoft sign-in page. Even when the link does not carry the victim's email in the URL, it still leads to a credential phishing page.
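The two properties described above (a benign Smart Link is just the LinkedIn domain plus an eight-character ID, while the campaign's links carried an obfuscated victim address) give a defender something to triage on. The following is an added example, not code from Cofense or LinkedIn: it scans an email body for Smart Links and flags any that carry data beyond the ID, decoding base64 to spot a smuggled address. The `/slink` path and the `code` parameter name are assumptions about the URL shape, and the sample email body is constructed.

```python
import base64
import re
from urllib.parse import parse_qs, urlparse

# Assumed Smart Link shape: https://www.linkedin.com/slink?code=<8 alphanumeric chars>.
# The page only gives "LinkedIn domain + eight-character ID"; /slink and "code" are assumed.
URL_RE = re.compile(r"""https?://[^\s<>"')]+""")
SLINK_ID_RE = re.compile(r"^[A-Za-z0-9]{8}$")
EMAIL_RE = re.compile(r"^[^@\s]+@[^@\s]+\.[^@\s]+$")

def carries_email(value: str) -> bool:
    """True if value is an email address, either plain or base64-encoded."""
    if EMAIL_RE.match(value):
        return True
    try:
        decoded = base64.urlsafe_b64decode(value + "=" * (-len(value) % 4)).decode()
    except (ValueError, UnicodeDecodeError):
        return False
    return EMAIL_RE.match(decoded) is not None

def triage_smart_link(url: str) -> dict:
    """Classify one URL; 'flags' lists deviations from a plain Smart Link."""
    p = urlparse(url)
    host = p.netloc.lower()
    on_linkedin = host == "linkedin.com" or host.endswith(".linkedin.com")
    is_slink = on_linkedin and p.path.rstrip("/").endswith("/slink")
    result = {"url": url, "smart_link": is_slink, "flags": []}
    if not is_slink:
        return result
    params = parse_qs(p.query, keep_blank_values=True)
    if not SLINK_ID_RE.match(params.get("code", [""])[0]):
        result["flags"].append("id-not-8-alnum")
    # Extra data beyond the ID is how the campaign smuggled an obfuscated victim address.
    for key, values in params.items():
        if key == "code":
            continue
        result["flags"].append(f"extra-param:{key}")
        if any(carries_email(v) for v in values):
            result["flags"].append(f"email-in-param:{key}")
    return result

def triage_email_body(body: str) -> list:
    """Triage every Smart Link in an email body, most suspicious first."""
    hits = [triage_smart_link(u) for u in URL_RE.findall(body)]
    return sorted((h for h in hits if h["smart_link"]), key=lambda h: -len(h["flags"]))

# Constructed sample body (not from the campaign); the first link carries base64("victim@example.com").
SAMPLE_BODY = """Your secure document is ready.
Review: https://www.linkedin.com/slink?code=aB3dE9xZ&u=dmljdGltQGV4YW1wbGUuY29t
Unsubscribe: https://www.linkedin.com/slink?code=Qz7Lm2Rt"""
```

Running `triage_email_body(SAMPLE_BODY)` returns the link with the extra `u` parameter first, flagged `extra-param:u` and `email-in-param:u`, while the bare Smart Link returns no flags; the bare form is still worth a second look in a mail-gateway rule, since the page notes the link leads to a phishing page even without the address.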

While LinkedIn Smart Links have been used in previous phishing campaigns, they are not commonly used by malicious actors. Cofense advises employees to exercise caution and refrain from clicking suspicious or unexpected links in emails, and it emphasizes that both email security suites and ongoing training are needed to combat phishing attempts effectively.

