LinkedIn is dealing with a new wave of phishing attacks that are showing up right in the comment sections of popular posts. Security experts have spotted multiple instances where fake accounts, often using names like “LinkedIn Very” and official-looking logos, post warnings under various threads. These comments claim that the user has repeatedly violated the platform’s terms of service and that their account has been locked. They then provide a link to “reactivate” the account, which is actually a trap to steal your login credentials.
The scam is designed to play on the fear of losing access to your professional network. If you click the link, you are sent to a fake login page that looks identical to the real LinkedIn portal. Any information you type there goes directly to the attackers. While some of the links are obviously fake, pointing to third-party services like netlify.app, others use LinkedIn’s own URL shortener to appear more legitimate. LinkedIn has confirmed it is aware of the situation and is working to remove these accounts, but the automated nature of the comments means they can reappear quickly.
There are a few clear signs that these comments are fraudulent. Most importantly, LinkedIn will never notify you of a policy violation or an account ban through a public comment on a post. Official communications about your account status will always come through email or a private notification within the app. Furthermore, if you click on the profile of the person posting the comment, you will usually see a brand-new account with zero followers and no actual work history, which is a dead giveaway for a bot or a scammer.
To stay safe, you should avoid clicking any links in LinkedIn comments that ask for personal information or login details. If you see a suspicious comment, use the platform’s built-in reporting tools to flag it so the safety team can take it down. If you think you might have already entered your password on one of these fake sites, you should change your LinkedIn password immediately and enable two-factor authentication to keep your account secure.
