October 12, 2023 at 10:21AM
A phishing campaign is using LinkedIn smart links to bypass email defenses and target Microsoft users. The links redirect users to malicious websites that steal their credentials and personal information. The attackers used over 80 unique smart links embedded in more than 800 phishing messages. The campaign targeted individuals from various industries, with a focus on finance and manufacturing organizations.
Key Takeaways from the Meeting Notes:
1. A phishing campaign is using LinkedIn smart links to bypass email defenses and deliver malicious content to Microsoft users’ inboxes.
2. Smart links, a legitimate feature of LinkedIn’s Sales Navigator services, are being abused by threat actors to redirect users to malicious websites for credential and personal information theft.
3. The observed campaign included over 80 unique smart links embedded within more than 800 phishing messages sent to recipients from various industries.
4. The campaign likely used newly created or compromised LinkedIn business accounts to deliver lures related to documents, finance, general notifications, and security.
5. Targeted industries included financial, manufacturing, energy, construction, healthcare, insurance, mining, consumer goods, and technology organizations.
6. The campaign aimed to collect as many credentials as possible using LinkedIn business accounts and smart links, without targeting any particular business or sector.