HomeWinBuzzer NewsLinkedIn Smart Links Exploited in Phishing Attacks Aimed at Microsoft Accounts

LinkedIn Smart Links Exploited in Phishing Attacks Aimed at Microsoft Accounts

-

account users are in danger of cyberattacks that utilize LinkedIn's Smart Links to spread and steal login credentials, warns firm Cofense. These Smart Links are a part of 's Sales Navigator service and are commonly used for marketing and tracking purposes by business account holders. Cofense has so far detected over 800 such suspicious emails.

A Technique Not Novel, Aims at Broad Range of Targets

Cofense had previously identified this exploitation technique in late 2022. The recent attacks happened between July and August 2023, where the cyberattackers used 80 unique Smart Links. These attacks were identified to be originating from either newly created or compromised LinkedIn business accounts. Industries such as finance, manufacturing, energy, construction, and healthcare were most targeted in these attacks. However, the campaign appears to be widespread rather than targeting a specific sector.

The Deception – Tricking Through Authenticity and Trust

The phishing process is cleverly designed, creating a false sense of authenticity. The victims receive emails with subjects relating to payments, HR, documents, security notifications, and are redirected to phishing pages via the embedded LinkedIn Smart Link. Upon clicking the link, the phishing page auto-fills the victim's email address in the form, resembling the procedure on a legitimate login page, and prompts the victim to enter their password. The fake page resembles a standard Microsoft login portal rather than a customized portal, targeting a broader group of users.

Users are advised to be cautious and not completely rely on email security tools, as phishing actors are adopting techniques that abuse legitimate services to bypass these protections. Even a seemingly harmless LinkedIn feature is now being exploited by cybercriminals, stressing the importance of awareness and caution in navigating the online world.

Markus Kasanmascheff
Markus Kasanmascheff
Markus is the founder of WinBuzzer and has been playing with Windows and technology for more than 25 years. He is holding a Master´s degree in International Economics and previously worked as Lead Windows Expert for Softonic.com.
Mastodon