Hackers hijack LinkedIn comments to spread malware - here's what to look out for

1. Pro
2. Security

Hackers hijack LinkedIn comments to spread malware - here's what to look out for News By Sead Fadilpašić published 14 January 2026

Phishing has made it into LinkedIn comments, experts warn

When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

(Image credit: Photo Illustration by Budrul Chukrut/SOPA Images/LightRocket via Getty Images) Share Share by:

• Copy link
• Facebook
• X
• Whatsapp
• Reddit
• Pinterest
• Flipboard
• Threads

Share this article 0 Join the conversation Follow us Add us as a preferred source on Google

• Attackers post fake LinkedIn comments claiming accounts are locked for violations
• Links lead to phishing sites mimicking LinkedIn login, stealing user credentials
• LinkedIn confirms awareness, stresses it never communicates bans via public comments

As if AI-generated posts and comments weren’t enough, LinkedIn activity is now also being bombarded with phishing content, experts have warned.

A report from BleepingComputer has highlighted how recently, multiple LinkedIn users have seen comments under different posts, appearing to have come from the platform itself. The comment states that the user has been repeatedly breaking the platform’s terms of service, and that their account is now locked and pending review.

The post also shares a link where the user can “reactivate” their account and “lift” the ban. Those that follow through will end up on a page that looks like a legitimate LinkedIn login page which, in fact, relays the credentials to the attackers.

You may like

• New LinkedIn phishing scam targets executives with fake board positions
• Yet another phishing campaign impersonates trusted Google services - here's what we know
• Hackers impersonate TechCrunch reporters to steal sensitive information - but you can always trust us

LinkedIn aware of the attacks

There are multiple red flags in this campaign which should be enough for most people to spot the scam. The most obvious one is the fact that LinkedIn would never communicate locked, or banned accounts, through comments on different posts.

The second-biggest red flag is the links shared in the comments. In some cases, the links are clearly unaffiliated with the platform, pointing to netlify.app or similar third-party services. In others, attackers use LinkedIn’s official URL shortener, which can make the links appear more credible.

Finally, victims could navigate to the profile page of the account posting these comments and see that it is an obvious scam. One of the accounts is called “LinkedIn Very”, and has zero followers, and zero activity. The only thing connecting it to the platform is the name, and the profile image that is clearly stolen from LinkedIn.

The Microsoft-owned business social network told BleepingComputer it is aware of the campaign, and that it is working on stopping it:

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Contact me with news and offers from other Future brandsReceive email from us on behalf of our trusted partners or sponsorsBy submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.

"I can confirm that we are aware of this activity and our teams are working to take action," a LinkedIn spokesperson told the publication.

"It's important to note that LinkedIn does not and will not communicate policy violations to our members through public comments, and we encourage our members to make a report if they encounter this suspicious behavior. This way we can review and take the appropriate action."

The best antivirus for all budgetsOur top picks, based on real-world testing and comparisons

➡️ Read our full guide to the best antivirus1. Best overall:Bitdefender Total Security2. Best for families:Norton 360 with LifeLock3. Best for mobile:McAfee Mobile Security

Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!

And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.

Sead FadilpašićSocial Links Navigation

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Show More Comments

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.

Logout Read more New LinkedIn phishing scam targets executives with fake board positions    Yet another phishing campaign impersonates trusted Google services - here's what we know    Hackers impersonate TechCrunch reporters to steal sensitive information - but you can always trust us    Fake Facebook Business pages are bombarding users with phishing messages - so what can be done?    Microsoft's branding power is being used by criminals to funnel victims to tech support scam centers - here's what you need to know    FBI says hackers have stolen $262 million in account takeover scams in 2025 so far - here's how you can stay safe    Latest in Security ServiceNow patches critical security flaw which could allow user impersonation    Python libraries used in top AI and ML tools hacked - Nvidia, Salesforce and other libraries all at risk    Experts warn this new Chinese Linux malware could be preparing something seriously worrying    Thousands of n8n instances under threat from top security issue    US government told to patch high-severity Gogs security issue or face attack    Hackers claim to have Target source code for sale following recent cyberattack    Latest in News Prime Video releases violent first trailer for new pirate movie The Bluff    Amazon is bringing 50 Roku channels to Fire TV, and they're completely free to stream.    Security researchers warn Telegram links can doxx you – even with a VPN    New report identifies the most data-hungry fitness apps    Gemini gets its biggest upgrade yet 'Personal Intelligence' that uses your Gmail, Photos, Search and YouTube history - and it could be our first glimpse of the new Siri in iOS 27    Spotify claims it's not forcing AI-generated music onto listeners.    LATEST ARTICLES

1. 1Hackers hijack LinkedIn comments to spread malware - here's what to look out for
2. 2The LG C6 is LG's mid-range OLED TV for 2026 – here's everything we know so far about one of this year's most anticipated TVs
3. 3Priyanka Chopra Jonas and Karl Urban's new Prime Video movie The Bluff gets a swashbuckling first trailer — and February looks like it'll be a pirate's life for me
4. 4Fitbit, Strava and Nike Training Club are the most data-hungry fitness apps according to a new report — here are 5 ways to protect your privacy
5. 5Love Pro-Ject decks? Now the firm wants to level up your head-fi game — with a Head Box