Fraudsters may use a practice called phishing to try to obtain your sensitive data such as usernames, passwords, and credit card information. These fraudsters impersonate legitimate companies or people, sending emails and links that attempt to direct you to false websites, or infect your computer with malware. LinkedIn will never ask you for your password or ask you to download any programs.
Possible warning signs of a phishing message:
- Messages containing bad spelling, grammar, and that aren't addressed to you personally.
- Messages asking you to act immediately.
- Messages asking you to open an attachment to install a software update.
LinkedIn has also joined the DMARC organization with other industry leaders like Facebook, Google, and PayPal, with the goal of fighting phishing and spam. In accordance with DMARC standards, LinkedIn digitally signs all emails we send. This allows participating email providers to identify our legitimate emails and throw away the phishing and/or spam emails. While most major email providers such as Google, Yahoo!, Microsoft, and AOL adhere to DMARC standards, a number of providers haven't implemented it. Additionally, messages that come from LinkedIn will contain a security footer to help you verify if they're authentic.
We also work with many industry partners to identify websites and email campaigns that engage in phishing or spamming, so that we can remove them from the Internet. Sometimes we're able to do this within an hour of the email crossing our radar. These combined efforts should decrease the chances of you receiving a fraudulent LinkedIn phishing or spam email.
To report phishing messages you've received, please email firstname.lastname@example.org. Learn more about protecting yourself from fraudulent messages or what to do if you've already clicked on a bad link or attachment.