Cybercriminals Increasingly Using LinkedIn for Phishing Scams
Most people associate phishing with email, but cybercriminals increasingly use other digital channels for their attacks. LinkedIn has become a particularly popular choice.
In October 2025, security researchers reported a phishing campaign targeting executives and high-level professionals. The message invited the target to “join the Executive Board of Common Wealth investment fund in South America.” It claimed that “Common Wealth” was in partnership with AMCO Asset Management.
Of course, no such investment fund exists. The goal of the campaign was to steal the victim’s Microsoft credentials.
Phishing on LinkedIn frequently involves fake job offers that steer the victim to malicious sites to steal their information. Some scammers pose as researchers to get personal data in exchange for promised gift cards or money. LinkedIn messages may include malicious links designed to steal logins or install malware. Emails purportedly from LinkedIn may mimic alerts about profile views, new jobs or account issues but contain phishing links.
Scammers are using LinkedIn because it gives them ready access to high-value targets. Rather than creating accounts, building credibility, and making connections, scammers simply take over existing accounts. LinkedIn users are more likely to fall for these scams because they are accustomed to interacting with people outside their organization.
There is not much the organization’s IT team can do. LinkedIn messaging does not go through email, where most spam and phishing is intercepted. Hackers use various techniques to evade security controls that inspect web pages and traffic. Organizations must rely on users to detect and report these attacks.
Spotting a LinkedIn phishing scam involves many of the same techniques used to detect other types of phishing. Look out for:
Sender address. Check for misspellings or non-LinkedIn domains.
Links. Hover over the URL. If it is not linkedin.com or seems suspicious, do not click.
Urgency and emotion. Scammers use high-pressure tactics and emotional pleas.
Requests for money or info. Legitimate contacts will not ask for passwords, credit card information or upfront payments.
Poor grammar or generic greetings. Poor writing, awkward phrasing or “Dear Sir/Madam” greetings are red flags.
Moving off platform. Scammers want to move the conversation to email or WhatsApp quickly to avoid LinkedIn’s monitoring.
If you see any of these red flags, odds are high that it is a phishing campaign. Do not trust links in messages — use official apps and sites to check notifications.
Most of all, remember to be skeptical. If a job or offer seems too good to be true, it probably is.
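The link check from the list above can also be automated when reported messages are triaged. The following is an added example, not part of the original article: it classifies a link by the host it actually resolves to. The function name, the similarity threshold and the sample URLs are assumptions made for illustration, and only linkedin.com is treated as genuine, as the article does.

```python
from difflib import SequenceMatcher
from urllib.parse import urlsplit

OFFICIAL = "linkedin.com"   # assumption: the only domain the article treats as genuine
BRAND = "linkedin"
TYPO_RATIO = 0.8            # assumed similarity threshold for near-miss spellings

# Constructed sample links (reserved .example names), not taken from any real campaign.
SAMPLES = [
    "https://www.linkedin.com/jobs/view/123",
    "https://www.linkedin.com.account-check.example/login",
    "https://linkedin.com@login.example/session",
    "https://linkedln.example/in/someone",
]


def classify_link(url: str) -> str:
    """Return 'official', 'lookalike' or 'other' based on the link's real host."""
    try:
        parts = urlsplit(url.strip())
        host = (parts.hostname or "").rstrip(".")   # hostname is already lowercased
    except ValueError:      # malformed authority, e.g. unbalanced IPv6 brackets
        return "other"
    if parts.scheme not in ("http", "https") or not host:
        return "other"
    # Exact host or a true subdomain. A plain substring test would also accept
    # notlinkedin.example and linkedin.com.account-check.example.
    if host == OFFICIAL or host.endswith("." + OFFICIAL):
        return "official"
    # Brand text anywhere in the authority (userinfo before '@' or host labels)
    # while the host itself is not under linkedin.com.
    if BRAND in parts.netloc.lower():
        return "lookalike"
    # Near-miss spellings of the brand in any host label (IDN homoglyphs not covered).
    for label in host.split("."):
        if SequenceMatcher(None, label, BRAND).ratio() >= TYPO_RATIO:
            return "lookalike"
    return "other"


if __name__ == "__main__":
    for link in SAMPLES:
        print(f"{classify_link(link):10} {link}")
```

A "lookalike" result means the link borrows the LinkedIn name without pointing at linkedin.com, which is the case the hover check is meant to catch.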