The job market has fluctuated dramatically since the start of the pandemic, drawing the attention of job seekers to LinkedIn. However, the platform’s popularity has also attracted scammers, whether they are masquerading as recruiters on the site or simply copying the LinkedIn messaging format to send you scam emails.
Below is a real-life scam message sent over LinkedIn, offering to tell the recipient about an exciting job opportunity. The company referenced is real. But the link in the message would send them to a malware webpage. Would you be fooled?
Let’s take a look at why LinkedIn is attracting scammers and what you can do to protect yourself.
[Get tips to protect your data. Subscribe to the ExpressVPN Blog Newsletter.]
Why are scammers targeting LinkedIn users?
According to a report by Insider Intelligence, LinkedIn is ranked #1 in the U.S. for digital trustworthiness among social media sites (despite security breaches in the past). Rather than a feed dominated by memes, flame wars, and baby photos, LinkedIn is a place of professionalism. At least, that’s how it appears on the surface.
On some level, there’s an expectation among LinkedIn users that everyone on the platform is just like them—a professional. This could lead users to lower their guard, which in turn opens them up to scammers seeking to use this trust for their own gain.
Thankfully, these scams are easy to avoid once you know what to look for. Here are five types of LinkedIn scams, as well as tips on how to spot them and protect your privacy.
5 LinkedIn scams you should look out for
1. Fake profiles
Fake profiles—a component of “catfishing”—are the foundation for all other scams on LinkedIn. If you’re exposed to a scam on the platform, chances are you’ll be contacted by a stranger posing as a legitimate user.
The person in question sends you a contact request, pretending to be a senior member of a respected company or even someone you know. This familiarity increases the chances of you accepting the invitation.
Once they’re a part of your network, the person will message you fake links to phony job offers. If you click on them, these links might install viruses and malware onto your device.
These fake profiles, however, are easy to spot.
How to spot fake LinkedIn profiles
- Check their profile picture. Photos of beautiful women or handsome men are commonly used, often swiped from stock photo sites. Use a reverse image search as a cursory check.
- Do some digging on the company they work for. One common pattern for fake profiles is the company name mirroring the profile name, e.g., “Steve Bradshaw – Bradshaw Consulting”. Google the company when in doubt. If there are no results, delete and block.
- Their work experience is lacking or packed full of short-term roles across many companies, often not reflecting the seniority of their supposed job title.
- They have very few connections, or perhaps too many. And you don’t share any mutual connections.
- Poor grammar and spelling are another giveaway. A true professional is unlikely to overlook such details. Perfection is key when presenting yourself in the business world.
- They’ve listed way too many skills, as they’re casting a wide net when looking for users to contact. Take extra caution if none of their key skills match yours or those common in your profession.
Read more: When catfish meets crypto scam on dating apps
LinkedIn phishing scams usually land in your message box from a “recruiter” you recently accepted a connection request from.
They dangle a juicy job offer, using a sense of urgency to pressure you into clicking a link. But rather than directing you to the official company site, you’re sent to a fake site that asks for your personal information.
LinkedIn’s InMail is another popular way to send phishing scams. To use InMail, a user must sign up for a premium account. And those aren’t cheap. So scammers hijack existing accounts. And because it’s a premium account and a (formally) legitimate profile, it’s more trustworthy than random contact requests. And this practice is more widespread than you think.
So, how do you avoid this deluge of phishing emails?
How to avoid LinkedIn phishing scams
LinkedIn provides information on how to identify phishing emails. But overall, be sure to assess the URL for legitimacy before clicking on the link in the message. And be especially careful of emails with subject lines like “LinkedIn Closing and Termination of Your Account”. These messages create urgency, potentially to the detriment of your judgment. Just take your time and thoroughly read and check every little detail.
Read more: How to spot common red flags in phishing emails
3. Fake job offers
You’re contacted by a recruiter presenting you with an amazing job offer: more money and a fancy title. It sounds too good to be true, and that’s because it is. Here’s why.
It all goes back to trust. The message will be tailored just for you, with the recruiter having staked out your profile beforehand. Tempted by the offer and trusting the recruiter, you click the link they sent you. They claim it’ll take you to the job description. Instead, it links to malware or a page that asks for your personal information in order to access the supposed job.
Some scams will even ask you to pay for training or materials. The scammer will send you a fraudulent check in the post to cover the costs. They then direct you to purchase the items from their pre-approved vendor. However, this seller is just a front for the scammer. The vendor/scammer will only accept unrecoverable payment methods such as Western Union. Then you try to cash the check, the ruse is revealed, and you’re left thousands of dollars out of pocket.
How to avoid fake job scams
Be very careful when receiving external links. Only apply for jobs on LinkedIn via the Jobs portal and the Easy Apply button found at the top of most job listings. And avoid inputting your details into an external site. If you’re prompted to go to the company’s website, search for it yourself and go to their careers page.
4. Tech support scams
Someone contacts you one day, claiming to be from LinkedIn. Apparently, there’s an issue with your account. Everything seems legitimate. There’s a LinkedIn logo on the email, and it’s using the same brand colors. All good so far.
The email includes a link. You click it and it takes you to what appears to be the LinkedIn login page, complete with a legit-looking URL. However, the page is fake. Its only purpose is to swipe your details. If you had input your information, you’d certainly now have an issue with your account.
How to avoid tech support scams
Carefully check the email address. While the logos and the banner colors might look official, the email address will be wrong. LinkedIn is a large corporation and can pay for their own email domain. The email address will often be missing letters, resembling something like, @Llnked.com. It looks right at a glance, but upon closer inspection you can see it’s not from LinkedIn.
If you receive an alleged support email from LinkedIn that charges you for phone support, ignore and delete it. LinkedIn explicitly states that they never charge for support.
5. The inheritance scam
Yes, really. While you might have expected this infamous scam to have been lost to history like the man who tried to sell the Eiffel Tower twice, the Nigerian prince/419 scam is alive and kicking. If you’re not familiar with the scam, here’s how it works.
A fake profile on LinkedIn will contact you asking for help in transferring funds out of a country in exchange for a commission, or that you stand to inherit millions of dollars from a deceased relative. Once you’re hooked, the bad actor will ask for increasing amounts of money to deal with various made-up issues, such as paying taxes or legal fees. Once you’ve sent the money, the person disappears—along with your cash.
How to avoid inheritance scams
Be skeptical. Receiving millions of dollars out of the blue never happens, especially when offered by a complete stranger from a foreign country. Delete the message and report the account to LinkedIn.
Awareness is the best protection
Once you know what LinkedIn scams look like, you’ll be able to stay wary of them, even if you prefer to be active on the site as you look for a job and attempt to draw the attention of recruiters.
But as with all social media, the safest course is to stop using it or making your account as private as possible. In LinkedIn’s privacy settings, you can decide who can see your profile, including specific details such as hiding your last name or your contacts list, or even your entire profile. Choose private mode for maximum privacy.
Have you ever been the victim of LinkedIn scams? Let us know in the comments.
Protect your online privacy and security
30-day money-back guarantee
so far so good need to install on iPhone % iPad