New Phishing Campaign Spreads Via LinkedIn Comments

KnowBe4 Team | Jan 22, 2026

A widespread phishing campaign is targeting LinkedIn users by posting comments on users’ posts, BleepingComputer reports.

Threat actors are using bots to post the comments, which impersonate LinkedIn itself and inform the user that their account has been restricted due to policy violations. The comments contain links to supposedly allow the user to appeal the restriction.

“These posts falsely claim that the user has ‘engaged in activities that are not in compliance’ with the platform and that their account has been ‘temporarily restricted’ until they visit the specified link in the comment,” BleepingComputer says. “The fabricated reply bearing the LinkedIn logo…appears fairly convincing depending on how viewers are interacting with the comments area and on what device.”

These links lead to convincingly spoofed LinkedIn login portals designed to steal users’ Google, Microsoft, or Apple credentials. Some of the attacks are particularly difficult to spot because they use LinkedIn’s official URL shortener, which replaces the suspicious-looking phishing link with a short “lnkd.in” URL.

A LinkedIn spokesperson told BleepingComputer that the company is working to take action against this campaign, adding, “It's important to note that LinkedIn does not and will not communicate policy violations to our members through public comments, and we encourage our members to make a report if they encounter this suspicious behavior. This way we can review and take the appropriate action.”

BleepingComputer notes, “Users should remain vigilant and avoid interacting with comments, replies, or private messages that appear to impersonate LinkedIn and urge recipients to click external links.”

AI-powered security awareness training can give your organization an essential layer of defense against phishing attacks. KnowBe4 empowers your workforce to make smarter security decisions every day. Over 70,000 organizations worldwide trust the KnowBe4 HRM+ platform to strengthen their security culture and reduce human risk.

BleepingComputer has the story.

