Fraudsters may use a practice called phishing to try to obtain your sensitive data such as usernames, passwords, and credit card information. These fraudsters impersonate legitimate companies or people, sending emails and links that attempt to direct you to false websites, or infect your computer with malware. LinkedIn will never ask you for your password or ask you to download any programs.
Important: LinkedIn has several email domains, which are determined by our email service provider (ESP). We can assure you that emails from linkedin_support@cs.linkedin.com, linkedin@e.linkedin.com, and linkedin@el.linkedin.com are not phishing emails.
Possible warning signs of a phishing message:
-
Messages containing bad spelling, grammar, and that aren't addressed to you personally.
-
Messages asking you to act immediately.
-
Messages asking you to open an attachment to install a software update.
Learn more about protecting yourself from fraudulent messages or what to do if you've already clicked on a bad link or attachment. In addition, be cautious of third-party sites offering assistance with our products.
To report phishing emails you've received, please forward the suspicious email to phishing@linkedin.com.
If you receive a message on LinkedIn and believe it's a phishing attempt, you can report it.
- Click the
More icon. - Select Report/Block.
- Select It's spam or a scam and answer the questions that follow.
Once you complete the above steps, you will no longer see the message in your inbox. You'll also have the option to block or report the member.
Below are some examples of phishing emails:
Body:
Dear [user's name],
We are currently upgrading our server and a temporary limitations has been placed on your Linkedin account.
Please continue with the link below to update and remove the temporary hold on your Linkedin account and connect to professionals around the world.
Continue [phishing site URL]
We are sorry for the inconvenience
Regards,
- Linkedin
2023, LinkedIn Corporation.
Body:
Dear [recipient email address],
Your Account will be locked due to failure to re-verify and confirm ownership.
Kindly Click here [phishing site URL] to verify and get more secured to continue using our service.
Ignorance will lead to temporary suspension of your service provision,
NOTE: *This is a one time user verification carried out in purpose to provide a more secured platform and shut down robot or malicious users created in purpose of spamming and other fraudulent activities.*
Best Regards,
(C) 2023 LinkedIn Security. All rights reserved. NMLSR ID 399801
This automated mail was sent to [recipient email address]. Replies sent to this email address cannot be answered.
Body:
LinkedIn Security Alert
Hi LinkedIn User: [user's email address]
Your LinkedIn Account Profile Has an unverified Status On our Security System
Your linkedIn account needs to be verified Urgently to prevent Phising and protect You from Spam .
Failure To Verify Your Account [user's email address], Your Account Will Be Terminated As we have Strong Anti-Spam Policy.
Please See Our TOS
Protect Your Linked Account Profile Now
[phishing site URL]
Follow Instructions in Link To Secure Your LinkedIn Account
Protect Your LinkedIn Profile [phishing site URL]
You are receiving LinkedIn emails. Unsubscribe [phishing site URL]
This email was intended for Alec Lou. Learn why we included this [phishing site URL]. 2023, LinkedIn Corporation.1000 W Maude Ave. Sunnyvale, CA 94085, USA
Body:
Please confirm your email address to get full access to LinkedIn.
YOUR ACCOUNT WILL BE TERMINATED!!!.
Your LinkedIn account is recommended for upgrade by LinkedIn.
Confirm your email[phishing site URL]
You're receiving this email because you (or someone using this email) created an account on LinkedIn using this address.
Didn't sign up for LinkedIn? Close account
LinkedIn has also joined the DMARC organization with other industry leaders like Facebook, Google, and PayPal, with the goal of fighting phishing and spam. In accordance with DMARC standards, LinkedIn digitally signs all emails we send. This allows participating email providers to identify our legitimate emails and throw away the phishing and/or spam emails. While most major email providers such as Google, Yahoo!, Microsoft, and AOL adhere to DMARC standards, a number of providers haven't implemented it. Additionally, messages that come from LinkedIn will contain a security footer to help you verify if they're authentic.
We also work with many industry partners to identify websites and email campaigns that engage in phishing or spamming, so that we can remove them from the Internet. Sometimes we're able to do this within an hour of the email crossing our radar. These combined efforts should decrease the chances of you receiving a fraudulent LinkedIn phishing or spam email.