Scammers Are Impersonating LinkedIn | Lifehacker

If you receive a warning on a LinkedIn post that your account has been restricted, don’t participate. Fraudsters are using LinkedIn branding in official-looking “reply” comments to distribute phishing links intended to harvest users’ login information.
As BleepingComputer reports, this identity theft campaign relies on fake company pages and LinkedIn’s official link shortener to trick users into “verifying” their identity on a domain run by bad actors. Here’s what to look for.
Scammers respond to LinkedIn posts with messages claiming that users have violated the platform’s policies in some way. The comments include a link that users are encouraged to click to prevent their accounts from being further restricted or suspended.
In some cases, the link preview text states “We take steps to protect your account when we detect signs of potential unauthorized access. This may include connections from unknown locations or…”, which may convince users to ignore the link itself, which clearly does not lead to a page on a valid LinkedIn domain. In others, the fraudsters further obscured the phishing site using LinkedIn’s official URL shortener, lnkd.in, which is even less likely to arouse suspicion, especially if the link preview doesn’t generate on some devices.
If you click on the link, you will land on a phishing page that uses LinkedIn branding and contains more information about the alleged account restriction with a button to “Verify your identity.” This leads to another page that closely spoofs LinkedIn’s standard login interface and is designed to steal your credentials.
The reply comments themselves use LinkedIn’s logo and branding and are connected to company pages with variations of the platform name, “Linked Very,” for example. These are obviously fake at first glance, because they don’t contain any of the robust content (such as posts, employees, or followers) that you’d expect from the real LinkedIn. But users could absolutely follow the phishing link without further investigating the commenter.
As always, any urgent messages or comments regarding the security or status of your account, no matter how official they look, should raise red flags. A second look at these responses makes it clear that they are not from the real LinkedIn, which will not send communications about account or policy violations in a public manner or direct you to click on links in comments or private messages.
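For anyone who triages reported comments, the link check described above can be automated. The following Python sketch is an added example, not code from Lifehacker, BleepingComputer, or LinkedIn. It classifies a link by its real hostname and treats lnkd.in as a link whose destination is still unknown. The `OFFICIAL_DOMAINS` set, the function names, and the `.example` sample URLs are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption for this example: domains treated as LinkedIn's own.
OFFICIAL_DOMAINS = {"linkedin.com"}
# LinkedIn's shortener, named in the article; it can redirect to any site.
SHORTENERS = {"lnkd.in"}


def _split(url: str):
    """Return (hostname, netloc), lowercased; hostname excludes userinfo and port."""
    try:
        parts = urlsplit(url if "://" in url else "https://" + url)
        host = (parts.hostname or "").rstrip(".").lower()
    except ValueError:  # malformed authority, e.g. a broken IPv6 literal
        return "", ""
    return host, parts.netloc.lower()


def _matches(host: str, domains: set) -> bool:
    """True if host equals one of the domains or is a subdomain of one."""
    return any(host == d or host.endswith("." + d) for d in domains)


def classify_link(url: str) -> str:
    """Classify a link as official, shortened, lookalike, external or invalid."""
    host, netloc = _split(url)
    if not host:
        return "invalid"
    if _matches(host, SHORTENERS):
        return "shortened"   # destination hidden: expand it before trusting it
    if _matches(host, OFFICIAL_DOMAINS):
        return "official"
    if "linkedin" in netloc or "lnkd" in netloc:
        return "lookalike"   # brand name appears, but the host is not LinkedIn's
    return "external"


if __name__ == "__main__":
    # Constructed sample links (not taken from the campaign).
    for link in [
        "https://www.linkedin.com/help/linkedin",
        "https://lnkd.in/AbCdEf",
        "https://linkedin.com.account-check.example/verify",
        "https://linkedin.com@account-check.example/verify",
        "https://account-check.example/verify",
    ]:
        print(f"{classify_link(link):10} {link}")
```

A "shortened" result is not a verdict: the expanded destination has to be classified in turn before the link is trusted.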



