by There is a new way for hacker groups to launch phishing email attacks! Some researchers found that attackers directed victims to phishing websites through Smart Link, a unique URL sharing and tracking feature for paid users of LinkedIn. Because email security systems often regard Smart Link’s URL as legitimate, hackers can evade detection by such systems. Techniques used in phishing attacks, as well as attacks using shadow domains, are also worth noting. Security practitioners have warned that such domains appeared in large numbers in the second quarter of this year and were used to set up phishing sites, but most were deemed harmless by VirusTotal. Developers hired by the ransomware hacking group LockBit, suspected of dissatisfaction at the top, leaked a ransomware generator provided to attackers, a move that researchers believe is likely to lead to many hackers using it to launch attacks.
