LinkedIn comment-reply phishing campaign
Campaign
Summary
Hide ▲
Show ▼
A LinkedIn phishing campaign is using fake comment replies to trick users into opening external links and surrendering credentials. The lure impersonates LinkedIn policy alerts, including the platform's lnkd.in shortener, to make the messages look legitimate. Some replies route victims from very1929412.netlify[.]app to very128918[.]site, where credential harvesting occurs. LinkedIn says it is aware of the activity and is taking action.
Related Happenings
Contagious Interview cryptocurrency social-engineering and malware-delivery campaign
Campaign
First: 23.03.2026 20:09
Last: 23.03.2026 20:09
Sources 1
About this happening:
A **North Korean** cluster behind **Contagious Interview / WaterPlum** is running a coordinated **malware campaign** against **cryptocurrency professionals**, increasing the risk...
Contagious Interview cryptocurrency social-engineering and malware-delivery campaign
CampaignAbout this happening: A **North Korean** cluster behind **Contagious Interview / WaterPlum** is running a coordinated **malware campaign** against **cryptocurrency professionals**, increasing the risk...
European social media scam ads generate nearly £3.8bn in 2025
Target Trend
First: 09.02.2026 12:30
Last: 09.02.2026 12:30
Sources 1
About this happening:
**European social media platforms** generated **nearly £3.8bn** from scam ads in **2025**, showing a large fraud surface that can expose users to money loss, personal-data theft,...
European social media scam ads generate nearly £3.8bn in 2025
Target TrendAbout this happening: **European social media platforms** generated **nearly £3.8bn** from scam ads in **2025**, showing a large fraud surface that can expose users to money loss, personal-data theft,...
LinkedIn private-message phishing campaign targeting executives and IT admins
Campaign
First: 20.01.2026 15:04
Last: 20.01.2026 15:04
Sources 1
About this happening:
The **LinkedIn** phishing campaign now uses private messages and industry-themed lures to deliver a **malicious archive**, putting **business executives** and **IT administrators*...
LinkedIn private-message phishing campaign targeting executives and IT admins
CampaignAbout this happening: The **LinkedIn** phishing campaign now uses private messages and industry-themed lures to deliver a **malicious archive**, putting **business executives** and **IT administrators*...
Common Wealth LinkedIn board-invitation phishing campaign targeting finance executives
Campaign
First: 30.10.2025 15:00
Last: 30.10.2025 15:00
Sources 1
About this happening:
The **Common Wealth** phishing operation is targeting **finance executives** on **LinkedIn** with fake executive board invitations and browser-based credential theft. The lure use...
Common Wealth LinkedIn board-invitation phishing campaign targeting finance executives
CampaignAbout this happening: The **Common Wealth** phishing operation is targeting **finance executives** on **LinkedIn** with fake executive board invitations and browser-based credential theft. The lure use...
Timeline
-
13.01.2026 17:45 2 articles · 4mo ago
LinkedIn reply-comment phishing campaign is disclosed
Initial DisclosureOver the past few days, LinkedIn users have been targeted by bot-like activity from LinkedIn-themed profiles and fake company pages such as Linked Very, with fabricated reply comments claiming a temporary account restriction or policy violations and urging recipients to open external links. Some messages use LinkedIn branding and the official lnkd.in shortener to hide destinations like very1929412.netlify[.]app and very128918[.]site, where credential harvesting occurs. LinkedIn says it is aware of the activity, does not communicate policy violations through public comments, and is working to take action.
Show sources
- Convincing LinkedIn comment-reply tactic used in new phishing — www.bleepingcomputer.com — 13.01.2026 17:45
- Convincing LinkedIn comment-reply tactic used in new phishing — www.bleepingcomputer.com — 13.01.2026 17:45