Hackers use LinkedIn Smart Links to target users in phishing attack

Cofense Phishing Defence Center (PDC), has identified a phishing campaign targeting LinkedIn users. It has been reported that a suspicious number of phishing messages were sent via LinkedIn. Smart Links are offered to business accounts as part of the Sales Navigator service. Smart Links are used to reach out to other LinkedIn users – the links are trackable and allow senders to track engagement.

Threat actors have found a way to exploit the feature and redirect users to malicious websites that attempt to steal personal information and credentials. Phishing has been a go-to tactic for cybercriminals for a long time. The best defence to stay safe online is to never click suspicious links, and if you’re browsing an untrustworthy website, always protect yourself by connecting to a VPN, which conceals your IP address and web activity. A VPN won’t protect you from a phishing attempt that requires you to input personal details. However, some VPNs have built-in phishing detection or can detect and alert you if you’re visiting a malicious website.

Between July and August 2023, Cofense says that some 800 emails were sent out using around 80 links. The messages contained typical phishing copy relating to financial, document, security and general notifications in a bid to lure victims. Links can be sent via newly created LinkedIn accounts or existing compromised accounts.

Leveraging Smart Links in phishing isn’t new. In 2022, Cofense identified the same LinkedIn phishing campaign, which used Smart Links as bait. Similar tactics were deployed and threat actors bypassed the security email gateway (SEG) to deliver credential phishing.

Why was LinkedIn targeted?

The popular social network for professionals is used to share business news, hunt for jobs and connect with like-minded business people. Like most other social media platforms, users are required to enter personal credentials – making it a target for hackers.

LinkedIn has credible trust signals, which makes it a lucrative target. A trusted domain name can allow threat actors to take advantage of unsuspecting victims who are more likely to click malicious links. Cofense reported that while the hackers weren’t targeting any one specific, several industries were targeted – the finance and manufacturing sectors were hit the hardest.

Phishing is one of the most common cybercrimes, and tactics have become so sophisticated these days that it can, at times, be tricky to identify a bogus link – like with the Smart Links phishing campaign. It can be used in the form of phone calls, text messages or emails. When receiving emails, you should err on the side of caution when it comes to clicking links – especially from untrusted or unrecognised sources.

Rachel Sadler

Home Tech Writer

Rachel is a seasoned writer who has been producing online and print content for seven years.

As a home tech expert for Independent Advisor, Rachel researches and writes buying guides and reviews, helping consumers navigate the realms of broadband and home security gadgets. She also covers home tech for The Federation of Master Builders, where she reviews and tests home security devices.

She started as a news and lifestyle journalist in Hong Kong reporting on island-wide news stories, food and drink and the city’s events. She’s written for editorial platforms Sassy Hong Kong, Localiiz and Bay Media. While in Hong Kong she attended PR events, interviewed local talent and project-managed photoshoots.

Rachel holds a BA in English Language and Creative Writing and is committed to simplifying tech jargon and producing unbiased reviews.