
Common Phishing Scams on LinkedIn: How to Spot Them

00:00 passion

The FTC estimates that Americans will lose $12.5 billion to scams in 2024. That was up 25% from a year earlier. And attacks in 2025 are increasing in scope and scale, taking advantage of trusted sites like LinkedIn. One company looking to protect consumers is Push Security. Joining me now is Mark Orlando, Push’s Chief Technology Officer. Mark, good to see you. So maybe start here Mark, you know, as the year draws to a close, we’re rolling into 2026, Mark. What’s the big deal?

00:36 passion

The cyber security theme, Mark, is something we should be aware of. What are the big trends? Scale, for example, looks like you’re highlighting.

00:51 Mark Orlando

Hi Josh, absolutely. Scale uh is really the biggest development we’ve seen not only this year but in the last few years, as the infrastructure behind these types of attacks gets easier and easier to stand up and operate. I think we can expect the scale of these attacks to increase exponentially. We’ve also seen the sophistication of these attacks uh really getting higher and higher. You talked about exploitation

01:23 Mark Orlando

Legitimate sites and services like LinkedIn, um but we’re seeing across the board, whether it’s social media networks or sponsored ads in Google results, attackers have come up with some very creative and sophisticated ways to deliver these scams and these attacks to unsuspecting users.

01:36 passion

It seems, Mark, that you’re highlighting how more attacks are happening inside the browser. Why is that, Mark? I mean, technically speaking, how does that help an attacker?

01:50 Mark Orlando

Certainly, the browser has really evolved from a device that we use to view web pages to, you know, essentially a platform that runs on-demand software. I mean, this is where, you know, the work really happens these days, you know, where users are logging into different accounts and services that we use on a daily basis. So, uh attackers realized this and they moved into different areas of the network like email uh or, you know, strictly web access that’s well-defended in the browser, which has moved somewhat away.

02:29 Mark Orlando

Less well guarded, definitely an area where many organizations do not have good visibility into what is happening and how users are interacting with websites. So, attackers have realized this, they’ve focused on doing a lot of work in the browser where users can be tricked into doing a variety of things, uh leaving information they shouldn’t, logging into websites they shouldn’t, uh and again, where it’s very difficult for security teams to observe.

03:00 passion

You also highlighted here, Mark, that uh these LinkedIn-based phishing attacks sound like that. Explain them, Mark, how do they work?

03:13 Mark Orlando

For sure. So, I think historically when you talk about phishing or email scams, I mean it strictly. This is what is coming via email. And I think that’s more or less what users expect. If they’re going to do a scam, it’s going to be some, you know, poorly worded suspicious type of email that comes with an attachment or a link. And actually that’s uh increasingly not the case anymore. So, uh you mentioned LinkedIn, we identified an attack campaign earlier this year

03:44 Mark Orlando

Uh an executive, a CEO actually, uh was targeted through LinkedIn of the company we work for. He got a message from someone in his network, a first-level connection about something very relevant to that company and his job uh. And so uh he clicked on the link, you know, along the lines of hey, check out this investment information, this opportunity, let me know what you think. Uh there was a lot of sophisticated um

04:14 Mark Orlando

He had to jump to verify that he was actually accessing the attacking website. And finally the goal was to collect his login information. So, in fact, it wasn’t a trusted contact sending this message via LinkedIn, but rather someone else who compromised his contact’s uh account. So, this is a situation where not only is the message very convincing, but it comes from a trusted source, in this case, you know, a trusted known contact.

04:47 Mark Orlando

So, very, very hard to choose. And again, it’s very difficult for an organization to see what’s going on within those LinkedIn communications, much less prevent it.
