Fake LinkedIn Connection Requests: What to Watch For
A VP of Engineering at a Series B startup received a LinkedIn connection request from a recruiter at a major tech company. The recruiter's profile had 500+ connections, a detailed work history, and several mutual connections. They exchanged messages about a potential role, and the "recruiter" sent a link to a pre-screening questionnaire hosted on what looked like the tech company's careers portal. The VP entered his work email, phone number, and current compensation details. The recruiter vanished. Two weeks later, the VP's company was targeted with a spear-phishing campaign that used the exact details he'd provided.
Why LinkedIn Is a Scammer's Playground
LinkedIn is built on trust. The platform's purpose is professional networking, so users are inherently predisposed to accept connections from strangers — it's expected behavior. Unlike Facebook or Instagram, where accepting a random friend request feels wrong, accepting a LinkedIn connection from someone in your industry feels normal. Scammers exploit this expectation.
LinkedIn also contains an extraordinary density of valuable data. Job titles, company names, reporting structures, email formats, project details, technology stacks — all voluntarily published and often publicly visible. This information fuels targeted phishing attacks, business email compromise, and social engineering campaigns.
Types of Fake LinkedIn Connection Requests
The fake recruiter. The most common variant. A polished profile claiming to represent a desirable company sends a connection request. After connecting, they initiate a conversation about job opportunities and eventually send a link to a "job application" or "pre-screening form" that harvests personal information or installs malware.
Got a suspicious email?
Paste it here for an instant analysis.
Free · No signup required · Cmd+Enter to scan
The pig butchering setup. An attractive profile sends a connection request with a friendly message. The conversation gradually moves off LinkedIn to WhatsApp or Telegram, where it eventually pivots to a cryptocurrency "investment opportunity" or romance scam. LinkedIn is just the initial contact point.
The data miner. These profiles connect widely to scrape data from your network. Once connected, they can see your full profile, your connections, and information shared only with connections. This data is used to build target lists for phishing campaigns or sold to marketing companies.
The malware distributor. The connection request is followed by a message containing a "report," "whitepaper," or "presentation" as a file attachment or external link. The file contains malware — typically an infostealer delivered through a macro-enabled document or a disguised executable.
How to Spot Fake Profiles
Check the profile photo. AI-generated profile photos have telothers — asymmetric earrings, blurred backgrounds with unusual artifacts, inconsistent lighting. Do a reverse image search on the photo. Fake profiles often use AI-generated faces or stolen photos that appear on multiple profiles.
Examine the work history. Fake profiles often have vague job descriptions, inconsistent timelines, or positions at companies where the person doesn't appear in the company's actual employee list. Check the company page on LinkedIn — real employees usually show up in the "People" tab.
Look at the connection count vs. activity. A profile with 500+ connections but no posts, no comments, no likes, and no articles is suspicious. Real professionals who are active enough to have hundreds of connections typically leave some trace of activity.
Check the account age. Fake profiles are usually recently created. LinkedIn doesn't display exact creation dates, but you can look at the timeline of their work experience and when their earliest connections were made.
Mutual connections aren't guarantees. Scammers mass-connect with people in your industry. Having mutual connections means they successfully scammed your connections into accepting, not that they're legitimate.
Safe LinkedIn Practices
Don't accept every request. Review each profile before connecting. If you don't recognize the person and their profile has red flags, decline. You can also select "I don't know this person" to report it to LinkedIn.
Never move conversations off LinkedIn prematurely. If a new connection immediately asks to chat on WhatsApp, Telegram, or email, that's a red flag. LinkedIn's messaging platform provides a layer of accountability — scammers want to escape it.
Don't click links from new connections. If someone you just connected with sends a link to a document, job posting, or website, verify independently. Search for the job posting on the company's actual website. Google the document title. Don't trust a link sent by someone you've never met.
Limit your public profile information. Consider restricting your email address, phone number, and detailed project descriptions to connections only. The less information visible publicly, the less ammunition scammers have for targeted attacks.
What LinkedIn Is Doing (And What They're Not)
LinkedIn has introduced verification badges, AI-powered fake account detection, and "About this profile" sections that show when an account was created. But enforcement is inconsistent, and sophisticated fake profiles still slip through. The volume of fake accounts is staggering — LinkedIn removed over 120 million fake accounts in 2025 alone, and the number continues to grow.
Your best defense is personal vigilance. Treat LinkedIn connection requests with the same skepticism you'd apply to an email from a stranger, and verify before engaging.
Received something suspicious? Check it now for free →