When you purchase through links on our site, we may earn an affiliate commission.Heres how it works.
Case in point - LinkedIn Smart Links.
The messages also carry an embedded link or a button that redirects the victim from LinkedIns trustworthy message elsewhere.
To be able to send these messages, the attackers need to have access to LinkedIn Business accounts.
In some cases, they use either newly created accounts, or those stolen in earlier attacks.
The victims are mostly finance, manufacturing, energy, construction, and healthcare firms.
The goal of the campaign is to stealMicrosoftaccount credentials.
As LinkedIn is generally considered a safe platform, most email protection tools allow messages from its domain through.
ViaBleepingComputer
