LinkedIn Smart Links attacks return to target Microsoft accounts

October 11, 2023 by Xynik

October 11, 2023 at 09:59AM

Hackers are exploiting LinkedIn Smart Links in phishing attacks to steal Microsoft account credentials. Smart Links, which are used for marketing and tracking, appear to come from a trustworthy source and so bypass email protections. The recent attacks targeted a range of sectors, including finance, manufacturing, energy, construction, and healthcare. The phishing emails use various subjects and include a link or button that redirects to a fake Microsoft login page. Users should not rely solely on email security tools to block threats, as hackers are finding ways to bypass these protections.

Key takeaways:

1. Hackers are exploiting LinkedIn Smart Links, a feature of LinkedIn’s Sales Navigator service, in phishing attacks to steal Microsoft account credentials.
2. Smart Links appear to originate from a trustworthy source and bypass email protections because they use LinkedIn’s domain followed by an eight-character code parameter.
3. Cofense, a cybersecurity firm, has discovered a surge in LinkedIn Smart Link abuse, with over 800 emails leading to phishing pages targeting various sectors.
4. The recent attacks occurred between July and August 2023, using 80 unique Smart Links, and originated from newly created or compromised LinkedIn business accounts.
5. The most targeted sectors in this campaign are finance, manufacturing, energy, construction, and healthcare.
6. The phishing emails use subjects related to payments, human resources, documents, security notifications, and more, with embedded links/buttons leading to redirects from “trustworthy” LinkedIn Smart Links.
7. The phishing pages adjust the Smart Link to contain the target’s email address, creating a false sense of authenticity on the Microsoft login page.
8. The phishing pages resemble a standard Microsoft login portal, which may deter individuals who are familiar with their employer’s unique portals.
9. Users should not rely solely on email security tools to block threats, as phishing actors are increasingly using tactics that abuse legitimate services to bypass these protections.
10. It is important to educate users about the risks of phishing attacks and to encourage caution when clicking on links or providing login credentials.
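
Takeaways 2 and 7 suggest a mail-side triage check: find LinkedIn Smart Links in a message body and flag the ones that carry the recipient's own address. The sketch below is an added example, not code from the article or from Cofense. The `/slink?code=` URL shape, the places an address might be appended (after the code, in another parameter, or in the fragment, plain or base64) and all sample values are assumptions.

```python
import base64
import re
from urllib.parse import parse_qs, unquote, urlsplit

URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.I)
CODE_RE = re.compile(r"[A-Za-z0-9_-]{8}")  # eight-character code, per the article

def _mentions(recipient, text):
    """True if text carries the recipient address, in plain or base64 form."""
    candidates = [unquote(text)]
    for token in re.findall(r"[A-Za-z0-9+/_-]{12,}", candidates[0]):
        try:
            padded = token + "=" * (-len(token) % 4)
            candidates.append(base64.urlsafe_b64decode(padded).decode("utf-8", "ignore"))
        except ValueError:  # not base64 after all
            continue
    return any(recipient.lower() in c.lower() for c in candidates)

def classify(url, recipient):
    """Return None unless url is a Smart Link (assumed shape: /slink?code=...)."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    if host != "linkedin.com" and not host.endswith(".linkedin.com"):
        return None  # also rejects lookalikes such as linkedin.com.example.net
    query = parse_qs(parts.query)
    code = query.pop("code", [""])[0]
    if parts.path.rstrip("/") != "/slink" or not CODE_RE.match(code):
        return None
    # Anything beyond the 8-character code is where an address could be appended.
    extras = [code[8:], parts.fragment] + [v for vs in query.values() for v in vs]
    personalised = any(_mentions(recipient, e) for e in extras if e)
    return {"code": code[:8], "personalised": personalised}

def scan(body, recipient):
    """Classify every URL in a message body; keep only Smart Link hits."""
    hits = (classify(u.rstrip(".,;)"), recipient) for u in URL_RE.findall(body))
    return [h for h in hits if h]

# Constructed sample message; addresses, codes and hosts are made up.
RCPT = "jane.doe@example.com"
B64 = base64.urlsafe_b64encode(RCPT.encode()).decode().rstrip("=")
BODY = f"""Remittance advice: https://www.linkedin.com/slink?code=aBcD1234#{B64}
Shared deck: https://www.linkedin.com/slink?code=ZyXw9876
Lookalike: https://linkedin.com.example.net/slink?code=aBcD1234
"""

if __name__ == "__main__":
    for hit in scan(BODY, RCPT):
        print(hit)
```

A Smart Link in inbound mail is only worth a closer look; one that also embeds the recipient's address is the stronger signal, since ordinary marketing links have no reason to carry it.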
