LinkedIn Scam #1: Fake Member Invitation
One common email scam is a fake email inviting you to connect with another LinkedIn member. The email will look very similar to an authentic LinkedIn email, and might even contain the LinkedIn logo. It will either ask you to click on a link to "visit your inbox now," or will ask you to "accept" or "ignore" the invitation.
If you click any of these links, they will bring you to a compromised website that will download malicious software onto your computer.
LinkedIn Scam #2: Fake Request for your Personal Information
This scam first occurred in 2012, when Russian hackers collected and leaked millions of LinkedIn users' passwords. With this scam, scammers send you a fake email, pretending to be the LinkedIn administrative team. The email asks you to confirm your email address and/or password. It might even say that your LinkedIn account has been blocked due to inactivity.
The email contains a hyperlink that says, "click here" to confirm your email address. If you click on this link, it will bring you to a compromised website that looks very similar to the LinkedIn site. This site will ask for your email and password. Scammers will then take this information, putting you at risk for identity theft (this type of theft is known as "phishing").
LinkedIn Scam #3: Invitation from Scammer
It's important to check out the people who invite you to connect on LinkedIn. If you don't know the person, check out their profile carefully. Warning signs include a very brief profile with limited company and job information. If you accept the invitation, the next message might be one with a link to a scam.
LinkedIn Scam #4: Scam LinkedIn Message
With this scam, someone on LinkedIn (typically someone with InMail who can contact anyone on LinkedIn directly) sends you a message with a link to a scam or spam website.
How to Spot a Scam
These scams can be tricky to spot, because the scam emails typically look a lot like authentic LinkedIn emails. However, there are a number of ways you can spot a LinkedIn email scam:
1. Look at the email address of the sender. If it is not a linkedin.com email address, it is a scam.
2. Hover over each hyperlink in the email to see the link's URL. If the link is not to a LinkedIn webpage, you know it is a scam (so do not click the link!).
3. If you are at all uncertain about the validity of the email, log into your LinkedIn account. If the email is real, you will have the same notice in your message folder in LinkedIn.
4. Any email asking for personal information beyond your email address is spam. If you ever forget the password for your LinkedIn account, you will receive an email asking you to enter your email address (JUST your email address), and then you will receive a link to reset your password. Any emails asking for other email addresses, passwords, bank account numbers, etc., are spam.
5. Any email asking you to install software or open an email attachment is spam.
6. If the email contains bad spelling or grammar, it is likely a scam.
7. LinkedIn is in the process of adding a security footer to every authentic LinkedIn email. The security footer, at the bottom of every email, will say "This email was intended for YOUR NAME (CURRENT JOB, COMPANY)." Currently, only some emails from LinkedIn contain this footer, but the company is installing it in all emails over the next few months.
What to do if you are Scammed
Here's what to do if you have been scammed:
1. Send the suspicious email to firstname.lastname@example.org.
2. Delete the email from your account.
3. If you clicked any of the links in the email, run your spy software to find and remove any cookies or malicious software.
4.If you gave personal information (such as a bank account number) to a scammer, here's how to report a scam.
For more information on how to protect yourself from LinkedIn email scams, visit LinkedIn's Safety Center page on spam.