OceanVertical

Watch Out for LinkedIn Phishing in Comments

  • cypac1
  • Jan 13

When a comment looks like it’s from LinkedIn, most people trust it. That’s what attackers are counting on.

A new phishing campaign is targeting LinkedIn users by dropping fake “policy violation” or “account restriction” warnings right into the comment section of legitimate posts. These aren’t private messages; they’re public, and they’re persuasive. Even regular users are getting fooled.



Attackers are crafting LinkedIn comments that impersonate platform moderators or security staff. These comments claim the user’s account has been “temporarily restricted” or flagged for violation. They include a link urging victims to “verify” or “restore” their profile.

Here’s where it gets tricky: some of these comments use LinkedIn’s official shortened URL service (lnkd.in), making the scam look even more legitimate. The links lead to phishing sites dressed up to look like LinkedIn’s login page, but entering your credentials hands them straight to the attacker.

Why It Matters

Phishing is nothing new, but this method exploits trust in a way that’s especially dangerous. LinkedIn is a professional space. We expect DMs to get spammed, but public comments? That’s different.

By posting in public, scammers bypass email filters and reach users in a space where they aren’t expecting to be targeted. It’s like someone in a suit shouting “You’re fired!” across the office floor: public, unnerving, and convincing enough to cause panic.

The Community Response

Screenshots are circulating on Reddit, X, and tech blogs, showing examples of these fake comments. Cybersecurity professionals are reminding users that LinkedIn never communicates account issues via comment threads. Official communications will come via internal notifications or email from a linkedin.com address.
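
A triage sketch for the pattern described above, added here as an example and not part of the original post: it flags comments that pair account-restriction wording with a link, and labels each link host as linkedin.com, the lnkd.in shortener, or external. The keyword list, function names and sample comments are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Lure wording taken from the phrases the post quotes; extend for your own data.
LURE = re.compile(r"policy violation|restrict(?:ed|ion)|verify|restore", re.I)
URL = re.compile(r"https?://[^\s<>\"')]+", re.I)

def classify_host(host):
    """Label a link host: 'linkedin', 'shortener' (lnkd.in) or 'external'."""
    host = (host or "").lower().rstrip(".")
    if host == "lnkd.in":
        return "shortener"  # real destination is hidden until the link is expanded
    if host == "linkedin.com" or host.endswith(".linkedin.com"):
        return "linkedin"
    return "external"       # includes lookalikes such as linkedin.com.<other domain>

def triage_comment(text):
    """Return (verdict, link_labels) for one comment body.

    suspicious: account-restriction wording plus any link, since account
                issues are not communicated through comment threads
    review:     the wording alone, with no link to follow
    ok:         no restriction wording at all
    """
    labels = [classify_host(urlsplit(u).hostname) for u in URL.findall(text)]
    if not LURE.search(text):
        return "ok", labels
    return ("suspicious" if labels else "review"), labels

# Constructed sample comments (not taken from real posts).
SAMPLES = [
    "Your account is temporarily restricted for a policy violation. "
    "Verify here: https://lnkd.in/EXAMPLE1",
    "Access limited. Restore your profile: "
    "https://linkedin.com.account-check.example/login",
    "Great talk! Slides: https://lnkd.in/EXAMPLE2",
    "Has anyone else had their account restricted this week?",
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(triage_comment(s), "|", s[:60])
```

A shortener label on a flagged comment means the destination still has to be expanded in a sandbox or URL scanner before anyone clicks it; an ordinary comment that merely shares an lnkd.in link stays "ok".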



Takeaway

Social engineering works because it targets instincts, not just systems. This scam shows how attackers exploit trust in familiar platforms by blending into everyday interactions like comment threads. By mimicking authority and creating urgency in public spaces, they pressure users to act fast and emotionally. But awareness breaks that cycle. When we understand these psychological tactics and create space to pause, verify, and think critically, we turn human behavior from a vulnerability into our strongest line of defense.


Stay safe out there

-Mars


New Funnies!


I got a “LinkedIn violation” in a comment.

So naturally, I updated my resume.


What does “wear many hats” mean

You’ll be the janitor, IT, and emotional support animal


What’s the best part of remote work

Not smelling Sarah microwave fish in the break room


Why did you get a job alert for underwater welding

Because your resume says “adaptable”

 
 
 
