How to Spot the Most Common LinkedIn Scams
LinkedIn is one of the most popular professional online networks, and its users are sometimes targeted by online scammers. These scammers may send LinkedIn users emails that appear to be from LinkedIn but are not, either infecting your computer with malicious software or stealing your personal information.
Common LinkedIn Scams and How to Avoid Them
Online scammers are constantly finding new ways to steal personal information from unsuspecting users on popular websites such as LinkedIn. Being able to recognize and safely discard fraudulent emails can help you protect yourself and your personal information. Common LinkedIn scams to avoid include the following:
Fake Member Invitation Scam
One of the most common LinkedIn scams is a fake email, inviting you to connect with another LinkedIn member. The email will look very similar to an authentic LinkedIn email, and might even contain the LinkedIn logo. It may ask you to click a link to "visit your inbox now," or ask you to "accept" or "ignore" the invitation.
Clicking any of these links may bring you to a compromised website that will download malicious software onto your computer.
Fake Request for Your Personal Information Scam
This scam first occurred in 2012, when Russian hackers collected and leaked millions of LinkedIn users' passwords. Scammers send you a fake email, pretending to be the LinkedIn administrative team. The email asks you to confirm your email address or password. It might even say that your LinkedIn account has been blocked due to inactivity.
This email might contain a hyperlink that says something like "click here to confirm your email address." If you click this link, it will bring you to a compromised website that looks very similar to the LinkedIn site. The site will ask for your email and password. Scammers will then take this information and put you at risk for identity theft. This type of theft is known as "phishing."
Phishing attacks are when fraudulent emails that appear to be from authentic organizations are sent to large numbers of people simultaneously. Their goal is to have at least one recipient click a link to provide their personal information or download malware.
If a seemingly reputable organization sends you an email that includes a request for your personal information, don’t click any links in the email. Instead, type the company name into your web browser, go to their site, and contact them through customer service to ask whether they sent the request.
Invitation From Scammer Scam
It's important to check out the people who invite you to connect with them on LinkedIn, as they could be fake profiles. If you don't know the person, check out their profile carefully. Warning signs include a very brief profile with a limited amount of company and job information. If you accept the invitation, the next message might be one with a link to a scam.
LinkedIn Message Scam
With this scam, someone on LinkedIn—typically someone with InMail, allowing them to contact with anyone on LinkedIn directly—sends you a message with a link to a scam or spam website.
How to Spot LinkedIn Scams
LinkedIn scams can be difficult to spot because the emails typically look like authentic LinkedIn emails. However, there are several ways you can spot them:
- Look at the email address of the sender and avoid anything with a non-LinkedIn domain.
- Hover over each hyperlink in the email to see the link's URL. If the link is not to a LinkedIn webpage, you know it's a scam.
- If you are at all uncertain about the validity of the email, log into your LinkedIn account. If the email is real, you will have the same notice in your message folder in LinkedIn.
- Any email asking for personal information beyond your email address is spam. If you ever forget the password for your LinkedIn account, you will receive an email only asking you to enter your email address. Next, you'll receive a link to reset your password. Any emails asking for additional information, such as email addresses, passwords and bank account numbers, are spam.
- Any email asking you to install software or open an email attachment is spam.
- If an email contains bad spelling or grammar, it is likely a scam.
- Authentic LinkedIn emails have a security footer at the bottom of every email that says, "This email was intended for YOUR NAME (CURRENT JOB, COMPANY)." While this footer is not a guarantee the email is legitimate, if it is not present, do not click any links.
Scammers looking to target groups of professional users may impersonate a colleague, a fellow employee, a recruiter, or someone from LinkedIn's technical support department.
What to Do If You Are Scammed
If you believe you have been scammed, you should do the following:
- Send the suspicious email to firstname.lastname@example.org.
- Delete the email from your account.
- If you clicked any of the links in the email, run your antivirus and spyware software to find and remove any cookies or malicious software.
- If you gave out personal information such as a password or bank account number to a scammer, make sure to reset your password or contact your bank.
As email scammers continue to think of more sophisticated ways to fool people into providing their personal information, it is imperative that users on social sites, such as LinkedIn, be vigilant when checking emails. Never click links or open attachments unless you're sure an email is legitimate. Protecting your personal information should always be a top priority when using these sites.