New strategies to outwit email security defenses and compromise users' sensitive information pop up almost daily.
LinkedIn "smart links" have been used in phishing campaigns before and have now become popular with attackers again.
By harnessing LinkedIn's smart links to bypass email gateways trained to trust LinkedIn, cybercriminals can deliver malicious content into Microsoft users' inboxes.
This sophisticated tactic is a stark reminder of the constant need for vigilance and continuous cybersecurity awareness training.
LinkedIn Smart Links: A Double-Edged Sword
LinkedIn's "smart links" are typically associated with its Sales Navigator services, enabling businesses to promote websites and advertisements by redirecting users to specific domains and landing pages. It's a legitimate feature meant to streamline marketing and engagement efforts. However, cybercriminals are exploiting it for their gain.
The attackers behind this phishing campaign have harnessed the trust that email gateways place in LinkedIn by using smart links to redirect users to malicious websites. By adding in certain redirects and autofill components, these sites are designed to steal credentials and personal information from unsuspecting victims. What's particularly alarming is the scale of this operation.
Attacking at Scale
More than 80 unique smart links are reported to have been embedded within more than 800 phishing messages sent to recipients from various industries, with financial services and manufacturing receiving the most attack messages.
To make matters worse, the attackers have gone to great lengths to make their smart links appear convincing. Typically, a LinkedIn smart link consists of the LinkedIn domain followed by a parameter and an eight-character alphanumeric ID. The attackers add extra layers of deception that automatically carry the recipient's email address along, so the victim lands on a phishing form that is already pre-filled with their email address, which makes it look legitimate. The phishing form then tricks users into divulging their Microsoft account credentials via a faux confirmation request.
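As an added example (not code from the original post or from the vendor behind it), here is a defender-side check that a mail filter or SOC triage script could run over message bodies to spot smart links that have been dressed up the way the campaign above describes. It assumes, based on the article's description, that a legitimate smart link is the LinkedIn domain plus a single `code` parameter holding an eight-character alphanumeric ID (the `/slink?code=` path is an assumption here), and that the "extra layers" show up as additional query parameters, a URL fragment, or a URL-encoded email address riding on the link. The sample message body is constructed for the example.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Assumed shape of a normal LinkedIn smart link (not taken from the article):
#   https://www.linkedin.com/slink?code=<eight alphanumeric characters>
SMART_LINK_HOSTS = {"linkedin.com", "www.linkedin.com"}
SMART_LINK_PATH = "/slink"
CODE_RE = re.compile(r"^[A-Za-z0-9]{8}$")
EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")
URL_RE = re.compile(r"https?://[^\s<>\"']+")


def classify_smart_link(url: str) -> dict:
    """Return a verdict dict for one URL.

    A smart link is only flagged when it deviates from the plain
    domain + eight-character code form: extra parameters, a fragment,
    or an embedded (possibly percent-encoded) email address.
    """
    parts = urlsplit(url)
    verdict = {"url": url, "is_smart_link": False, "suspicious": False, "reasons": []}
    if parts.netloc.lower() not in SMART_LINK_HOSTS or parts.path.rstrip("/") != SMART_LINK_PATH:
        return verdict  # not a smart link at all; other checks apply elsewhere
    verdict["is_smart_link"] = True

    params = parse_qs(parts.query, keep_blank_values=True)
    codes = params.get("code", [])
    if len(codes) != 1 or not CODE_RE.match(codes[0]):
        verdict["reasons"].append("malformed or missing 8-char code")

    extra = sorted(k for k in params if k != "code")
    if extra:
        verdict["reasons"].append("extra parameters: " + ",".join(extra))

    if parts.fragment:
        verdict["reasons"].append("non-empty fragment")

    # Decode twice so a double-encoded address (%2540) is still caught.
    if EMAIL_RE.search(unquote(unquote(url))):
        verdict["reasons"].append("embedded email address")

    verdict["suspicious"] = bool(verdict["reasons"])
    return verdict


def scan_message(body: str) -> list:
    """Extract every URL from a message body and return the suspicious smart links."""
    seen, flagged = set(), []
    for match in URL_RE.finditer(body):
        url = match.group(0).rstrip(".,;)")  # drop trailing sentence punctuation
        if url in seen:
            continue
        seen.add(url)
        verdict = classify_smart_link(url)
        if verdict["suspicious"]:
            flagged.append(verdict)
    return flagged


# Constructed sample message for the example: one clean smart link, two
# decorated ones, and one unrelated URL.
SAMPLE_BODY = """\
Hi, please review the shared document:
https://www.linkedin.com/slink?code=Ab12Cd34
Confirm your mailbox here:
https://www.linkedin.com/slink?code=Ab12Cd34&email=victim%40example.com
Alternate link:
https://www.linkedin.com/slink?code=Ab12Cd34#victim@example.com
Unrelated: https://example.com/report
"""

if __name__ == "__main__":
    for hit in scan_message(SAMPLE_BODY):
        print(hit["url"], "->", "; ".join(hit["reasons"]))
```

The clean smart link is left alone, because the article is explicit that the feature itself is legitimate; only links carrying more than the single code, or smuggling an address into the query or fragment, are surfaced for review. In practice the same verdict would be attached to the message as a header or a SIEM event rather than printed.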
A Wide Net
It's not just financial services and manufacturers who are being hit hard by this campaign. Energy, construction, healthcare, insurance, mining, consumer goods, and technology organizations are all under attack as well. This wide-ranging approach is a reminder that no sector or organization is immune to such cyber threats.
The Bottom Line
The exploitation of LinkedIn's smart links by cybercriminals is an example of how the bad guys keep adapting and evolving their tactics.
Cybersecurity remains a multi-pronged approach, with training and awareness still central to a successful strategy.
With a holistic approach centered on educating employees to be able to spot and avoid falling victim to even the most sophisticated attacks, you can keep your organization safer.
Remember, it's better safe than sorry and even when something looks legitimate, it's always best to go direct.
Running simulated phishing tests will determine your employees' susceptibility to social engineering and phishing scams. Train your employees and help them identify spear phishing and ransomware attacks.