Beware of Phishing Comments on LinkedIn: Important Signs to Look Out For

Phishing scams on LinkedIn are evolving, and the latest tactic involves the use of deceptive comments infiltrating user feeds. This strategy has already demonstrated its effectiveness, making awareness critical for safeguarding personal information.

Recognizing Phishing Comments

When engaging with LinkedIn comments, the last thing users should fear is the possibility of falling victim to a phishing attack. People typically aim to foster meaningful conversations and expand professional networks, but the presence of scams has made users more cautious.

Scammers are now posing as LinkedIn’s moderation bots, issuing warnings in comment threads about hypothetical policy violations that could lead to account locks. These tailored comments appear credible, preying on users’ urge to promptly act. Unfortunately, clicking any links can lead to counterfeit sites designed to harvest sensitive information.

What makes these phishing tactics particularly dangerous is their seemingly legitimate appearance. Unlike traditional scams rife with grammatical errors, these comments utilize Professional LinkedIn branding and often format links in the familiar “lnkd.in” style, heightening their believability.

The urgency instilled by these comments can drive users to act hastily, especially when they believe the message originates directly from LinkedIn. The use of artificial intelligence by scammers to send out comments en masse, while maintaining an authentic look, further complicates the issue.

Identifying Scammers: Linked Very

A notable wave of these scams has been tied to accounts operating under the name “Linked Very.”User Mark O showcased how these phishing comments infiltrated his LinkedIn profile.

Sample Linked Very phishing comment. — Example of a phishing comment from Linked Very, shared by Mark O.

The links in these comments redirect users to pages designed to closely mimic authentic LinkedIn interfaces. While variations of these messages exist, they share a consistent deceptive intention. As reports against “Linked Very”increase, scammers are likely to rotate their profile names to avoid detection.

If you encounter this or any suspicious profile, avoid clicking on links. Instead, report the account directly to LinkedIn. Go to the profile, click the More button, and select Report / Block. The more profiles flagged, the safer the environment becomes for all users.

Phishing Comments Invading Linkedin Report

LinkedIn actively needs user assistance in identifying these malicious impersonations. They are currently working on removing accounts linked to these scams.

Assessing Profile Authenticity

To determine if an alarming comment is legitimate, examine the profile rather than clicking any links embedded in it. Authentic LinkedIn support profiles will have a substantial number of followers. For example, the LinkedIn Help profile boasts 7, 000 followers, while many scam profiles show no followers at all—a major warning sign.

While any new or inactive accounts may lack completeness, legitimate support profiles retain well-developed profiles. If scammers modify their techniques, it remains essential to steer clear of profiles with minimal information or zero followers.

Understanding LinkedIn’s Warning Protocol

It’s crucial to note that LinkedIn does not warn users about violations publicly in comment threads. Instead, they communicate such issues via email directed to registered accounts, outlining the violation and subsequent steps. Although LinkedIn phishing emails exist, it’s advisable to avoid clicking any links in them. Always log into LinkedIn directly for verification.

If you’re uncertain, log into your LinkedIn account directly. There may also be a direct message awaiting you regarding the alleged violation. If both the email and notification are present, consider it a trusted communication.

Should concerns persist, you can contact LinkedIn directly through their support page for assistance.

Protecting Your Account: Key Precautions

LinkedIn will never request users to re-confirm their login credentials if they are actively logged in. If directed to a separate login page, refrain from entering any information. It’s important to note that, under specific conditions, you will be prompted to verify your password when making certain account updates, which is standard procedure.

Checking the Status of Your Account

The phishing scam leveraging the premise of account locks can be easily verified. Simply log out of your LinkedIn account and attempt to log back in. If you can access without issue and have received no notification or email from LinkedIn, your account remains secure, and the comment in question is likely spam.

Evaluating Shortened Links

Any official LinkedIn comment would incorporate a link formatted with linkedin.com or the shortened lnkd.in link. While some phishing attempts masquerade with similar formatting, it’s vital to verify these links before clicking.

Utilize tools such as Expand URL or Unshorten. It to view the entire URL. A simple paste into these tools reveals the true destination.

Additionally, validate links through urlscan.io. This not only clarifies the link’s endpoint but checks for any malicious activity associated with it. In testing one reported phishing link, the tool flagged it as harmful:

A fundamental rule to remember is to avoid clicking links from untrustworthy users. When in doubt, stay cautious; your safety is paramount. After blocking any scammers you encounter, explore additional methods to curate a more relevant LinkedIn feed.

Source & Images