Avanan's research into malformed links on LinkedIn was featured in KrebsonSecurity. Shortened URLs on LinkedIn can be used to hide phishing. As Brian Krebs writes:
More recently in late 2021, Jeremy Fuchs of Avanan wrote that the use of a LinkedIn URL may mean that any profession — the market for LinkedIn — could click.
“Plus, more employees have access to billing and invoice information, meaning that a spray-and-pray campaign can be effective,” Fuchs wrote. “The idea is to create a link that contains a clean page, redirecting to a phishing page.”
Read the rest of the article at KrebsonSecurity.
