
Caught in the LinkedIn Phishing Net – Ep 536 

November 21, 2025

By Donna Grindle

You thought phishing was just an email problem? Oh sweet summer child. This episode dives into the new frontier of cyber shenanigans: LinkedIn. That’s right — the land of business jargon, inspirational posts, and awkward endorsements is now a playground for scammers sliding into your DMs like they’re networking for the dark web. Get ready to learn why accepting that too-good-to-be-true board invitation from “a company in South America” might end with malware, not margaritas.


In this episode:


Today’s Episode is brought to you by:

Kardon

and

HIPAA for MSPs with Security First IT

Subscribe on Apple Podcast. Share us on Social Media. Rate us wherever you find the opportunity.

Great idea! Share Help Me With HIPAA with one person this week!

Learn about offerings from the Kardon Club

and HIPAA for MSPs!

Thanks to our donors. We appreciate your support!

If you would like to donate to the cause you can do that at HelpMeWithHIPAA.com

Like us and leave a review on our Facebook page: www.Facebook.com/HelpMeWithHIPAA


Caught in the LinkedIn Phishing Net

[00:39]

You think you’re safe from phishing because your inbox has spam filters, right? Well, what if the phishers have moved to your “professional” neighborhood – LinkedIn. That’s right, your networking hub is now the new hunting ground for cybercriminals. From fake recruiters to spoofed Smart Links, attackers are sliding into DMs faster than an overzealous sales rep after you update your job title. In this episode, we’re diving into why LinkedIn has become the latest phishing hotspot, how the scams actually work, and what you can do to keep your network from becoming a net trap.

Why LinkedIn Has Become a Phisher’s Paradise

  • Professional context = trust: people lower their guard on LinkedIn because it feels legitimate and businesslike.
  • Business access point: users often check LinkedIn on company devices – perfect bridge into enterprise systems.
  • Weak spot in defenses: email filters don’t cover LinkedIn DMs or Smart Links.
  • Abundance of personal data: attackers can tailor messages to your role, company, or industry.
  • Reference sources:
    • BleepingComputer: attackers leveraging non-email channels.
    • Cybernews: Smart Link abuse campaign back in 2023.
    • ITPro: LinkedIn is a “goldmine” for spear-phishing.
[11:57]

Common LinkedIn Phishing Scenarios

  • Fake recruiter messages: offer “dream jobs” or “board invitations” to steal login info.
  • Smart Link scams: legitimate LinkedIn tracking links used to redirect to credential-stealing sites.
  • Impersonation of known contacts: fake accounts mimicking real connections or executives.
  • Investment and crypto scams: scammers posing as “wealth advisors” or investors.
  • Follow-up attacks: once credentials are stolen, attackers use the victim’s profile to phish their network.
  • Real examples of each of these are documented in the Push Security, Kaspersky, and NordVPN reports.

Why Organizations Are Especially Vulnerable

  • Corporate filters and training focus almost exclusively on email.
  • LinkedIn messages fly under the radar – no visibility or detection tools.
  • Phishing via LinkedIn can lead to business email compromise (BEC) or data exposure.
  • Reputation risk: a compromised executive LinkedIn account can harm brand trust.
[19:58]

How to Spot and Stop the LinkedIn Phish

For individuals:

  • Verify recruiters and opportunities – check company domains, look for inconsistencies.
  • Be wary of urgent or “exclusive” opportunities.
  • Hover over links, even Smart Links, before clicking.
  • Don’t share personal data or credentials via DMs.
  • Enable two-factor authentication on LinkedIn.
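As an added example, not from the episode or from any of the cited reports, here is a small Python checker that applies the individual-level tips above to a LinkedIn message: it compares the sender's domain with the domains known to belong to the company the sender claims to represent (catching lookalikes such as a digit swapped for a letter), flags urgency and credential-request wording, and marks shortened or tracking links whose real destination cannot be seen without expanding them. The company domain table, the redirector list, the keyword lists and the sample messages are all constructed for illustration and are not real data.

```python
from urllib.parse import urlparse

# Constructed for this example: the domains an organization has verified as
# belonging to a given company name (the names and domains are placeholders).
KNOWN_COMPANY_DOMAINS = {
    "example corp": {"example.com", "example.co.uk"},
}

# Constructed list of hosts that hide the real destination behind a redirect;
# links through them are flagged so the destination is inspected before any click.
OPAQUE_REDIRECTORS = {"lnkd.in", "bit.ly", "t.co"}

URGENCY_WORDS = ("urgent", "immediately", "exclusive", "within 24 hours", "act now")
CREDENTIAL_WORDS = ("password", "login", "verify your account", "sign in to confirm")


def registered_domain(host: str) -> str:
    """Reduce a host name to its registrable domain (simplified public-suffix handling)."""
    labels = host.lower().strip(".").split(".")
    if len(labels) >= 3 and labels[-2] in {"co", "com", "org", "net", "ac", "gov"}:
        return ".".join(labels[-3:])
    return ".".join(labels[-2:])


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance; used to spot lookalike domains one or two edits away."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def assess_message(claimed_company: str, sender_domain: str, text: str, links: list) -> list:
    """Return a list of red flags for a message; an empty list means nothing obvious stood out."""
    flags = []
    known = KNOWN_COMPANY_DOMAINS.get(claimed_company.lower())
    sender = registered_domain(sender_domain)

    # Tip: verify the opportunity by checking the company domain for inconsistencies.
    if known is None:
        flags.append(f"no trusted domain on record for '{claimed_company}'")
    elif sender not in known:
        if any(edit_distance(sender, k) <= 2 for k in known):
            flags.append(f"lookalike sender domain {sender}")
        else:
            flags.append(f"sender domain {sender} does not belong to {claimed_company}")

    # Tip: be wary of urgent or "exclusive" offers and of any request for credentials.
    lowered = text.lower()
    if any(w in lowered for w in URGENCY_WORDS):
        flags.append("urgency language")
    if any(w in lowered for w in CREDENTIAL_WORDS):
        flags.append("asks for credentials or account verification")

    # Tip: look at where links really go, including shortened or tracking links.
    for link in links:
        host = urlparse(link).hostname or ""
        rd = registered_domain(host)
        if rd in OPAQUE_REDIRECTORS:
            flags.append(f"opaque redirect link via {rd}; destination must be checked before clicking")
        elif known and rd not in known:
            flags.append(f"link to {rd} outside {claimed_company} domains")
    return flags


if __name__ == "__main__":
    # Constructed sample messages: one suspicious "board invitation", one benign note.
    suspicious = assess_message(
        "Example Corp",
        "careers.examp1e.com",
        "Urgent: confirm your login to accept this exclusive board seat",
        ["https://lnkd.in/abc123", "https://examp1e.com/apply"],
    )
    benign = assess_message(
        "Example Corp",
        "example.com",
        "Hello, we'd like to schedule a call next week.",
        ["https://www.example.com/jobs"],
    )
    print("suspicious:", suspicious)
    print("benign:", benign)
```

The checker is deliberately conservative: a message from a company with no domain on record is flagged rather than trusted, and any shortened link is flagged even when the surrounding message looks fine, because the whole point of the hover-before-click tip is that the visible text tells you nothing about the destination.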

For organizations:

  • Expand phishing training to cover non-email channels.
  • Add browser-level protection and identity monitoring.
  • Create internal guidelines for how executives use LinkedIn.
  • Encourage employees to report suspicious messages, even outside corporate apps.
[36:39]

What’s Next – The Growing Trend

  • As email gets better protected, attackers are migrating to social and business platforms.
  • Expect AI-generated fake profiles and messages that mimic real recruiters or clients.
  • LinkedIn is responding (verification for recruiters, fake-profile takedowns), but the problem isn’t going away.
  • The bigger picture: phishing isn’t about the tool, it’s about trust – and LinkedIn has plenty of that.
  • Train your teams now. Anyone who uses LinkedIn needs to learn this ASAP and make sure others learn it too, because it won’t stop at LinkedIn: this is working, so attackers will find ways to do it on every other platform where you can message others.

And then there’s…
Researchers Find ChatGPT Vulnerabilities That Let Attackers Trick AI Into Leaking Data
The fun never ends.


Episode Reference Articles

1. BleepingComputer – “5 Reasons Why Attackers Are Phishing Over LinkedIn” (Nov 2025)
https://www.bleepingcomputer.com/news/security/5-reasons-why-attackers-are-phishing-over-linkedin/

Why it matters: Core background piece – highlights the shift from email to social media phishing (34% of attacks), explains why LinkedIn is such a perfect storm: trust, access from work devices, lack of monitoring, and business context.

2. Push Security – “New LinkedIn Phishing Campaign Identified Targeting LinkedIn Users” (Oct 2025)
https://pushsecurity.com/blog/new-phishing-campaign-identified-targeting-linkedin-users/

Why it matters: Shows how attackers are exploiting real LinkedIn features and messages; explains the evolving tactics and sophistication of these attacks. Great for describing the “how it works” part of the episode.

3. Push Security – “How Push Stopped a High-Risk LinkedIn Spear-Phishing Attack Against a Company Exec” (Sept 2025)
https://pushsecurity.com/blog/how-push-stopped-a-high-risk-linkedin-spear-phishing-attack/

Why it matters: Real-world case study involving a targeted attack on an executive via LinkedIn DM. Excellent anecdote to illustrate the personal risk angle.

4. HackRead – “Scammers Using Fake LinkedIn InMail to Deliver ConnectWise Trojan” (Nov 2025)
https://hackread.com/scammers-fake-linkedin-inmail-deliver-connectwise-trojan/

Why it matters: Concrete example of malware delivery through fake LinkedIn InMail – shows that this isn’t just about credential theft but active system compromise. Adds a technical but still understandable dimension.

5. Forbes – “LinkedIn DM Attack Warning – What Users Need to Know” (Oct 31, 2025)
https://www.forbes.com/sites/daveywinder/2025/10/31/linkedin-dm-attack-warning—what-users-need-to-know/

Why it matters: High-visibility coverage of the LinkedIn DM phishing wave; provides legitimacy and mainstream awareness. Great for quoting to show this has gone beyond security circles.

6. Mint / Reuters – “New Phishing Scam on LinkedIn Is Using Fake Board Offers to Steal Corporate Credentials” (Nov 2025)
https://www.livemint.com/technology/tech-news/new-phishing-scam-on-linkedin-is-using-fake-board-offers-to-steal-corporate-credentials-heres-how-microsoft-11762181267574.html

Why it matters: Current campaign report tied to executive-targeted phishing; connects well to your “why execs are prime targets” segment.

7. Keepnet Labs – “LinkedIn Scams on the Rise: Beware of Phishing Attacks” (2025)
https://keepnetlabs.com/blog/linked-in-scams-on-the-rise-beware-of-phishing-attacks

Why it matters: Excellent source for your closing “tips & takeaways” section; focuses on user awareness and spotting red flags.

Consider this your official reminder that just because it’s on LinkedIn doesn’t mean it’s legit. Social media might wear a business suit, but the scammers have figured out how to tailor one too. If something feels off, even if it’s wrapped in a nice InMail with lots of flattery, hit pause instead of clicking. Remember: just because someone has a headshot and a title doesn’t mean they’re not a digital pickpocket.

Remember to follow us and share us on your favorite social media site. Rate us on your podcasting apps, we need your help to keep spreading the word. As always, send in your questions and ideas!

HIPAA is not about compliance, it’s about patient care.™

Special thanks to our sponsors Security First IT and Kardon.

HelpMeWithHIPAA.com is a collaborative project created & sponsored by: