---
title: "LinkedIn Smart Links are Getting Abused Again | Phish Protection"
description: "LinkedIn, one of the biggest professional networking and personal branding platforms, has once again become the center of attraction."
image: "https://phishprotection.com/og/blog/linkedin-smart-links-are-getting-abused-again.png"
canonical: "https://phishprotection.com/blog/linkedin-smart-links-are-getting-abused-again/"
---

Quick Answer

LinkedIn, one of the biggest professional networking and personal \[branding platforms\](/phishing/the-surprising-facts-brand-impersonation-attacks), has \*\*once again\*\* become the center of attraction. And this time, the reason is phishing attacks!

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Flinkedin-smart-links-are-getting-abused-again%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=LinkedIn%20Smart%20Links%20are%20Getting%20Abused%20Again&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Flinkedin-smart-links-are-getting-abused-again%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Flinkedin-smart-links-are-getting-abused-again%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Flinkedin-smart-links-are-getting-abused-again%2F&title=LinkedIn%20Smart%20Links%20are%20Getting%20Abused%20Again "Share on Reddit") [ ](mailto:?subject=LinkedIn%20Smart%20Links%20are%20Getting%20Abused%20Again&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Flinkedin-smart-links-are-getting-abused-again%2F "Share via Email") 

![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2024/01/Phishing-Statistics-For-2024.jpg) 

LinkedIn, one of the biggest professional networking and personal [branding platforms](/phishing/the-surprising-facts-brand-impersonation-attacks), has **once again** become the center of attraction. And this time, the reason is phishing attacks!

Hackers are strategically executing phishing attacks on LinkedIn Smart Links with the sole purpose of cracking through[Microsoft account](/announcements/cybersecurity-updates-for-the-week-22-of-2023) credentials.

[Cybersecurity](/content/cybersecurity-in-a-nutshell) experts discovered that this phishing campaign that lasted between July and August 2023 **targeted** construction, manufacturing, financial, healthcare and energy sectors.

![Phishing Statistics For](https://media.mailhop.org/phishprotection/images/2024/01/Phishing-Statistics-For-2024.jpg) 

Surprisingly enough, this is not the first time that LinkedIn Smart Links have been [targeted by hackers](https://www.darkreading.com/attacks-breaches/threat-actor-abuses-linkedin-smart-links-feature-harvest-credit-cards). A similar incident took place back in 2022 when **Slovakian LinkedIn users** were being targeted. The phishing actors at that time tried to pose as the Slovakian Postal Service and managed to convince the users to pay shipping charges .

### What are LinkedIn Slinks?

Introduced back in 2016, [Slinks or LinkedIn Smart Links](https://business.linkedin.com/sales-solutions/product-update/smart-links) are an integral part of the **app’s Sales Navigator** feature. These Smart Links supports lead generation and improves sales by facilitating a simplified marketing and tracking system.

A business account user can easily share **marketing content** via emails and track those who engage with the emails. 

A typical Slink comprises of the **LinkedIn domain** followed by an 8-character code parameter.

### LinkedIn Slink Phishing Scam Leverages Authentic Appearance?

![Phishing prevention tips](https://media.mailhop.org/phishprotection/images/2023/11/phishing-prevention-tips-2701.jpg) 

When a user clicks on the malicious Slink, they will be redirected to an **almost-legitimate-looking clone** page. This, in reality, is a [phishing kit](/phishing/nakedpages-phishing-toolkit-causing-ruckus-cybersecurity-industry) that collects all the sensitive data of the user.

The trustworthy LinkedIn domain present in the malicious Slink further **builds credibility** among unsuspecting users.

Ultimately, the user goes on and type in their password and BOOM- their Microsoft account and other [sensitive details get compromised](https://www.theguardian.com/technology/2023/jul/05/hwl-ebsworth-hack-russian-gang-released-sensitive-personal-and-government-information-australian-cybersecurity-chief-says).

### What to Do If You Have Already Clicked on a Malicious Link?

The credibility of a LinkedIn domain and the “legitimate-looking” interface of the [phishing page](https://cybersecuritynews.com/facebook-phishing-attack-chain/) can easily lure you to click on a **malicious link**.

In that case, here are a few things that you must do immediately!

#### Avoid panicking and try to gain back control of the situation.

Panicking will only worsen the situation. Stay calm and composed. Get clarity of thoughts and **think of the next steps** that can save you from any kind of [fraud and scams](https://www.theguardian.com/australia-news/2023/nov/06/scam-in-a-box-mygov-suspends-thousands-of-accounts-linked-to-dark-web-kits). Remember, you cannot undo what has happened. So, it is better to focus on what can be done further to prevent any severe repercussions.

#### Avoid any further interaction with the website.

Once you realize that you have clicked on a [malicious link](https://cybernews.com/security/facebook-users-targeted-copyright-infringement-scam/) and your log-in credentials have been compromised, you **must not interact further** with the website. 

_Don’t click on any link that may pop up on the screen._ Avoid filling in any further details. Keep an eye out for any kind of **automatic downloads**, and cancel them out as soon as possible! 

![Phishing attack prevention](https://media.mailhop.org/phishprotection/images/2023/11/phishing-attack-prevention-5611.jpg) 

#### Change all your login credentials and other important passwords.

The next thing that you must do is to alter all the important passwords. For instance, you should change the passwords for your **banking app**, social media profiles, and email IDs.

Make sure you create [different passwords for different accounts](https://www.passwarden.com/help/use-cases/why-you-should-not-use-the-same-password-for-different-accounts).

#### Report the phishing incident to the cyber crime department

Get in touch with the cybersecurity department, local authorities, and other relevant platforms and keep them updated about the [phishing scam](https://www.bloomberg.com/news/newsletters/2023-08-18/qr-code-phishing-spam-email-is-the-next-cybersecurity-threat). Follow their guidance and do not hesitate to take **legal course of action** against the threat actors.

#### Keep a close check on your financial accounts.

Keep an eye on [suspicious bank transactions](https://www.actionnewsnow.com/news/suspicious-activity-in-tri-counties-bank-system-forces-it-to-shut-down-services/article%5F6b0b23a2-a9b2-11ed-818d-af252f9358d2.html). **Check your balance** in intervals. In case you notice any transaction that you have not done yourself, then inform your bank authority immediately. If needed, take the necessary steps to block your credit and debit cards.

#### Keep tracking any kind of suspicious activities such as fraud or identity theft.

Monitor your **credit reports** and financial accounts closely. In case you notice any unusual activity or [fraudulent messages](https://www.khaleejtimes.com/uae/emotional-cyber-frauds-on-the-rise-in-region-scammers-send-emotional-mails-messages-to-con-people), inform the relevant authorities.

Generally, you should sign up for [identity theft protection](/phishing-awareness/phishing-protection-smbs-good-news-bad-news) services as they **keep you updated** about any suspicious activities and security breaches.

It is true that digitization has brought a paradigm shift in the business arena. However, hackers and phishing experts have found [multiple security loopholes](https://thehackernews.com/2023/09/critical-security-flaws-exposed-in.html) using which they can conveniently make their way to your **sensitive information**.

The only key is to stay vigilant and well-informed about the phishing and security trends in your industry. This includes **staying up-to-date** with the latest [phishing protection](/) strategies, participating in [phishing awareness training](/products/phishing-awareness-training), ensuring you’re well-equipped to handle any potential threats.

## Topics

[ Phishing Awareness ](/tags/phishing-awareness/) 

![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) 

[ Brad Slavin ](/authors/brad-slavin/) 

General Manager

Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base.

[LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) 

## Protect your inbox from phishing attacks

Real-time email security with 60-day free trial. No credit card required.

[Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) 

## Related Articles

[  Foundational 5m  0ktapus, Okta Breach Helps Attackers Launch Sophisticated Supply Chain Attacks  Sep 5, 2022 ](/blog/0ktapus-okta-breach-helps-attackers-launch-sophisticated-supply-chain-attacks/)[  Foundational 14m  12 Real-World Spear Phishing Examples And The Red Flags You Missed  Feb 4, 2026 ](/blog/12-real-world-spear-phishing-examples-and-the-red-flags-you-missed/)[  Foundational 2m  8 million Android users fell prey to SpyLoan malware on Google Play Store  Dec 5, 2024 ](/blog/8-million-android-users-fell-prey-to-spyloan-malware-on-google-play-store/)[  Foundational 1m  A Big Part of the Phishing Problem is You  Sep 17, 2019 ](/blog/a-big-part-of-the-phishing-problem-is-you/)

```json
{"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}}
```

```json
[{"@context":"https://schema.org","@type":"BlogPosting","headline":"LinkedIn Smart Links are Getting Abused Again","description":"LinkedIn, one of the biggest professional networking and personal branding platforms, has once again become the center of attraction.","url":"https://phishprotection.com/blog/linkedin-smart-links-are-getting-abused-again/","datePublished":"2023-11-06T09:07:55.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2023-11-06T09:07:55.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/linkedin-smart-links-are-getting-abused-again/"},"articleSection":"foundational","keywords":"Phishing Awareness","wordCount":771,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2024/01/Phishing-Statistics-For-2024.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}},{"@context":"https://schema.org","@type":"FAQPage","mainEntity":[{"@type":"Question","name":"What are LinkedIn Slinks?","acceptedAnswer":{"@type":"Answer","text":"Introduced back in 2016, [Slinks or LinkedIn Smart Links](https://business.linkedin.com/sales-solutions/product-update/smart-links) are an integral part of the **app’s Sales Navigator** feature. These Smart Links supports lead generation and improves sales by facilitating a simplified marketing a..."}},{"@type":"Question","name":"LinkedIn Slink Phishing Scam Leverages Authentic Appearance?","acceptedAnswer":{"@type":"Answer","text":"<img src=\"https://media.mailhop.org/phishprotection/images/2023/11/phishing-prevention-tips-2701.jpg\" alt=\"Phishing prevention tips\" loading=\"lazy\" />"}},{"@type":"Question","name":"What to Do If You Have Already Clicked on a Malicious Link?","acceptedAnswer":{"@type":"Answer","text":"The credibility of a LinkedIn domain and the “legitimate-looking” interface of the [phishing page](https://cybersecuritynews.com/facebook-phishing-attack-chain/) can easily lure you to click on a **malicious link**."}}]}]
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Foundational","item":"https://phishprotection.com/foundational/"},{"@type":"ListItem","position":4,"name":"LinkedIn Smart Links are Getting Abused Again","item":"https://phishprotection.com/blog/linkedin-smart-links-are-getting-abused-again/"}]}
```