- Attackers post fake LinkedIn comments claiming accounts are locked for violations
- Links lead to phishing sites mimicking LinkedIn login, stealing user credentials
- LinkedIn confirms awareness, stresses it never communicates bans via public comments
In addition to AI-generated content, LinkedIn is now facing a surge in phishing attempts, experts warn.
A report from BleepingComputer highlights that numerous LinkedIn users have encountered comments under various posts that appear to originate from the platform itself. These comments falsely claim that users have repeatedly violated the platform’s terms of service, resulting in account locks pending review.
The comments include a link for users to “reactivate” their accounts and “lift” the ban. Those who click through are directed to a page that resembles a legitimate LinkedIn login, but actually captures user credentials for the attackers.
LinkedIn Aware of the Attacks
There are several warning signs in this phishing campaign that should help users identify the scam. The most significant is that LinkedIn would never notify users of locked or banned accounts through comments on posts.
Another major red flag is the links shared in these comments. Some links are clearly unrelated to LinkedIn, pointing to sites like netlify.app or similar third-party services. Others utilize LinkedIn’s official URL shortener, which can lend an air of credibility.
Additionally, victims can check the profile of the account posting these comments, which often reveals it to be a scam. For instance, one account named “LinkedIn Very” has zero followers and no activity, with only the name and a stolen profile image connecting it to the platform.
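The link and wording checks described above can be automated for comment triage. The following is an added example, not code from LinkedIn or BleepingComputer; it assumes `lnkd.in` is the LinkedIn shortener the article refers to, and the keyword list and sample comments are constructed for illustration.

```python
import re
from urllib.parse import urlsplit

FIRST_PARTY = "linkedin.com"
# Assumption: lnkd.in is LinkedIn's shortener; the article does not name the domain.
SHORTENERS = {"lnkd.in"}
# Constructed keyword list modelled on the lure wording the article describes.
LURE = re.compile(r"\b(locked|restricted|violat\w*|reactivate|lift\w*|bann?ed|ban)\b", re.I)
URL = re.compile(r"https?://[^\s<>\"')]+", re.I)

def classify_link(url):
    """Classify a URL by the host the browser will actually contact."""
    try:
        host = (urlsplit(url).hostname or "").rstrip(".")
    except ValueError:  # malformed authority, e.g. a broken IPv6 literal
        return "third_party"
    if host == FIRST_PARTY or host.endswith("." + FIRST_PARTY):
        return "first_party"
    if host in SHORTENERS:
        return "shortener"  # destination unknown until expanded, so not trusted
    return "third_party"

def triage_comment(text):
    """Return (suspicious, [(url, class), ...]) for one public comment."""
    urls = (m.rstrip(".,;!") for m in URL.findall(text))
    links = [(u, classify_link(u)) for u in urls]
    off_platform = any(kind != "first_party" for _, kind in links)
    # Flag account-lock wording combined with a link that is not on linkedin.com.
    return bool(LURE.search(text)) and off_platform, links

# Constructed sample comments (not taken from the campaign).
SAMPLES = [
    "Your account is locked for repeated violations. Reactivate: "
    "https://linkedin.com.account-review.netlify.app/login",
    "To lift the ban, confirm your identity at https://lnkd.in/EXAMPLE.",
    "Access restricted. Verify at https://www.linkedin.com@login-check.example/reactivate",
    "Great post! More detail in this article: https://www.linkedin.com/pulse/example",
]

if __name__ == "__main__":
    for comment in SAMPLES:
        flagged, links = triage_comment(comment)
        print("FLAG" if flagged else "ok  ", links)
```

The first and third samples show why the check uses the parsed hostname rather than a substring match: both contain the text `linkedin.com` but resolve to a different host.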
A spokesperson for LinkedIn confirmed to BleepingComputer that they are aware of this activity and are taking steps to address it:
"I can confirm that we are aware of this activity and our teams are working to take action," the spokesperson stated. "It's important to note that LinkedIn does not and will not communicate policy violations to our members through public comments, and we encourage our members to report any suspicious behavior. This way we can review and take the appropriate action."
