- Attackers Post Fake Comments on LinkedIn Claiming Accounts Are Locked Due to Breaches
- Links lead to phishing sites imitating LinkedIn login and stealing user credentials
- LinkedIn confirms its awareness and emphasizes that it never communicates bans via public comments
As if AI-generated posts and comments weren’t enough, LinkedIn activity is now also bombarded with phishing content, experts have warned.
A report of BeepComputer pointed out that recently, several LinkedIn users have seen comments under different posts, appearing to come from the platform itself. The comment states that the user has repeatedly violated the platform’s terms of service and that their account is now locked and awaiting review.
The post also shares a link allowing the user to “reactivate” their account and “lift” the ban. Those who follow through will end up on a page that looks like a legitimate LinkedIn login page that is, in fact, passing credentials to the attackers.
LinkedIn aware of attacks
There are several red flags in this campaign, which should be enough for most people to spot the scam. The most obvious is the fact that LinkedIn would never communicate about locked or banned accounts through comments on different posts.
The second biggest red flag is links shared in comments. In some cases, the links are clearly not affiliated with the platform, pointing to netlify.app or similar third-party services. In others, attackers use LinkedIn’s official URL shortener, which can make links more credible.
Finally, victims might go to the profile page of the account posting these comments and see that it is an obvious scam. One of the accounts is called “LinkedIn Very” and has no followers or activity. The only thing that connects him to the platform is the name and profile picture which are clearly stolen from LinkedIn.
The Microsoft-owned enterprise social network said BeepComputer he is aware of the campaign and is working to stop it:
“I can confirm that we are aware of this activity and our teams are working to take action,” a LinkedIn spokesperson told the publication.
“It is important to note that LinkedIn does not and will not communicate policy violations to our members through public comments, and we encourage our members to report if they encounter this suspicious behavior. This way we can review and take appropriate action.”
The best antivirus for every budget
Follow TechRadar on Google News And add us as your favorite source to get our news, reviews and expert opinions in your feeds. Make sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp Also.
