Hackers are attacking LinkedIn users through comments
A new phishing campaign has been discovered on LinkedIn: hackers are leaving public comments, posing as an official social network bot, about violations of rules on a user's profile.
A new phishing campaign has been discovered on LinkedIn: hackers are leaving public comments, posing as an official social network bot, about violations of rules on a user's profile.
Such a scheme was spotted earlier this week, writes Cybernews.
“Bot-like accounts respond to posts impersonating LinkedIn itself, alerting users to alleged policy violations and urging them to immediately ‘fix’ the issue,” SOC analyst William Pfeiffer wrote on LinkedIn on Tuesday.
Pfeiffer notes that the fake comments are extremely “convincing” because the attackers use LinkedIn-style language, familiar branding, and “lnkd.in” short links.
The fake account — Linked Very — posts messages directly in public comment sections, informing users that their accounts have been temporarily restricted for violating the rules.
“We have detected that your account has engaged in activity that is inconsistent with our website policies. To prevent further restrictions or possible suspension, you need to file an appeal via https://very1929412.netlify.app/ so that we can review your case,” one such phishing message reads.
Another similar phishing message, also posted by the fake “Linked Very” profile, states: “Due to persistent violations, your account has been permanently banned. Please appeal immediately at https://lnkd.in/ev7Za98i.”
Pfeiffer says that if a user clicks on a link that looks legitimate, “it leads to a fake confirmation page designed to collect credentials.” The phishing pages looked almost identical to LinkedIn login pages, tricking users into entering their username and password.
According to Max Gannon, manager of the cyber intelligence group at Cofense, hackers are using artificial intelligence to successfully spoof LinkedIn and abuse legitimate infrastructure.
“While the process of creating a LinkedIn company page—especially one that impersonates LinkedIn itself—was previously difficult to abuse on a mass scale, the proper use of AI now makes it possible,” says Gannon.
LinkedIn user Jocelyn M. was targeted by a phishing campaign last weekend, discovering that three separate fraudulent “Linked Very” accounts were operating on the platform.
Ironically, after reporting the incident to LinkedIn, Jocelyn M. received a similar comment on her page—this time from the actual LinkedIn support team—thanking them for spotting the fake post.
"We can confirm that this was not an official message from LinkedIn, and our teams are taking appropriate action. Please continue to report any content that looks wrong so we can review it: https://lnkd.in/gnHAjfNU. -TK," the legitimate LinkedIn account wrote.
Gannon argues that “as attackers increasingly use artificial intelligence and new automated methods, legitimate companies like LinkedIn will need stronger verification and validation controls to prevent abuse of their services and protect brand trust.”
This type of phishing campaign is not unique to LinkedIn and is spreading across all social media platforms, cybersecurity experts say.
Python developers targeted by new phishing attacks: how to stay safe
Python developers targeted by new phishing attacks: how to stay safe
A vulnerability was discovered in Gemini: AI can be forced to generate phishing warnings in email
A vulnerability was discovered in Gemini: AI can be forced to generate phishing warnings in email
Read the country's main IT news in our Telegram
Read the country's main IT news in our Telegram
