May 26, 2022

If you received a link to LinkedIn.com via email, SMS or instant message, would you click it? Spammers, phishers and other ne’er-do-wells are hoping you will, because they’ve long taken advantage of a marketing feature on the business networking site which lets them create a LinkedIn.com link that bounces your browser to other websites, such as phishing pages that mimic top online brands (but chiefly Linkedin’s parent firm Microsoft).

At issue is a “redirect” feature available to businesses that chose to market through LinkedIn.com. The LinkedIn redirect links allow customers to track the performance of ad campaigns, while promoting off-site resources. These links or “Slinks” all have a standard format: “https://www.linkedin.com/slink?code=” followed by a short alphanumeric variable.

Here’s the very first Slink created: http://www.linkedin.com/slink?code=1, which redirects to the homepage for LinkedIn Marketing Solutions.

The trouble is, there’s little to stop criminals from leveraging newly registered or hacked LinkedIn business accounts to create their own ad campaigns using Slinks. Urlscan.io, a free service that provides detailed reports on any scanned URLs, also offers a historical look at suspicious links submitted by other users. This search via Urlscan reveals dozens of recent phishing attacks that have leveraged the Slinks feature.

Here’s one example from Jan. 31 that uses Linkedin.com links to redirect anyone who clicks to a…

Read more…

Leave a Reply

Your email address will not be published.