LinkedIn allows users to attach links to their posts on the LinkedIn website.
A user who clicks one of these links opens it through LinkedIn's ViewLink mechanism, which loads the linked page inside an iframe on the LinkedIn site.
An attacker can host an ordinary LinkedIn-lookalike phishing page and abuse this ViewLink mechanism to fool users into entering their passwords on it; all they need to do is attach a link to that phishing page in one of their posts.
We did this POC (proof of concept) today; here is what I got:
So now users must not only verify the domain in the address bar, they must also verify that they are not entering their credentials into a page loaded through ViewLink or ViewArticle.