LinkedIn Smart Links Identified in Sizable Credential Phishing Campaign


In 2022, the Cofense Phishing Defense Center (PDC) noticed phishing attacks that leveraged LinkedIn links known as Smart Links or “slink” to bypass security email gateways or SEGs to send credential phishing, as previously detailed in the LinkedIn blog on smart links.

Smart links are links that are used by a LinkedIn team or business account that is linked to LinkedIn Sales Navigator services to give information and track engagement data. A year later, in late July/early August, a revival of Smart Links was discovered in a large credential phishing attempt targeting Microsoft Office credentials, which was creeping back into inboxes.

Read More…