Update Auto Unflag Feature on LinkedIn
How the scam works:
LinkedIn is a popular business and employee-oriented website that is much like most other social media sites that are used by many people worldwide. Its focus is on bringing employees and companies together in a platform that allows them to communicate with each and help with the advancement in careers and business opportunities.
Many people trust LinkedIn to keep them up-to-date on the latest trends in their field, as well as keep them connected with past, current and future employees and employers. If you have an account with LinkedIn, you are familiar by now of the regular emails you receive that update you on current events and updates from your connections. To mimic these emails, cyber-crooks are sending emails to users trying to steal their personal information, whether it's about LinkedIn jobs or updating features. If you are a member of LinkedIn, you need to be cautious of any emails that appear to be from the company, because you could be in trouble.
Most people who use LinkedIn like it for being able to keep up with other people in their field. Connections are a huge part of career success, and LinkedIn helps to maintain important connections and keep you relevant in your industry. For that reason, if an email comes in suggesting that you may lose access to your account, you may become very concerned.
Imagine you are going through your regular work day and you are thinking about your long-term goals. You don't mind the job that you are currently in, but you are looking to the future. You know that if you work hard and make the right decisions, you can move ahead and establish a great career for yourself. As you may be thinking these things, you get an email from LinkedIn. Since you are so career oriented, you immediately open the message to see what it is about. The email indicates that you might lose access to your account. It starts off saying:
"Dear Valid LinkedIn User,
Our system indicates your account signed-on from different IP recently, do not panic, this happens mostly when your ISP provider changes the IP without your knowledge, but we advise you kindly follow-up by Updating to the system to enable Auto Unflag…"
The email continues like that, but you get the idea. The common theme to emails like this is that if you do not verify your account settings, you may lose access to your account.
The lack of addressing you by your real name and the poor grammar may tip you off that something is wrong here, but the fear of losing access to your account may prod you to take action. So you click on the link in the email, and it brings you to a website that looks just like LinkedIn, with maybe a few small details changed. It asks you to fill in a form to verify your LinkedIn account.
If you do not notice the small differences in this page and the real LinkedIn account, you might just go ahead and fill in your details. Unfortunately, as soon as you submit the form, you have fallen prey to the scammer's game.
Criminals will do whatever they can to trick users into falling for their trap. They will do this for several reasons. One of the most common is to access your account. Once they have access to your account, they have access to all your connections you have made in LinkedIn. They can then begin to spam these users in the hopes of gaining access to their accounts as well.
Additionally, they have all the personal information that you have entered LinkedIn. This can be used against you in many ways, but the worst is the threat of identity theft.
Another reason scammers might try to con you is by installing malware onto your system. By getting you to click on the link in the email and fill out the information, you might unknowingly be installing malware on your computer. Scammers use malware on your computer to steal information from you that is stored on your system. If you have any private information on your system, this can be a very dangerous problem to have.
Additionally, scammers love to lure people into paying for useless tech support. By clicking on the link in the email, you allow the scammer to install software on your system. This software then slowly begins to warn you of system failure, or it might cause things not to work. Then it prompts you to call their tech support number, and you end up paying them to help you fix your computer.
Of course, they never actually fix it, but rather have a similar issue happen in a few weeks or months. It can be a long drawn out process that drains your bank account. In some cases, the software can even encrypt your personal files and hold them for ransom. Then you must pay for your files to be released.
Keep in mind that in whatever way these scammers work, they are never working for your benefit. They are trying to take advantage of you, whether by gaining your LinkedIn credentials to obtain personal information or contacts or by installing malware of software on your computer to obtain money from you. No matter what, it is imperative that you protect yourself from these types of scams.
How to avoid the LinkedIn Unflag Feature scam:
Whenever you receive an email from LinkedIn, you need to be aware that there is a possibility that it could be a phishing email. There are several things you should keep an eye out for to make sure you don't fall for a scam. Opening the wrong email and clicking on the links or attachment inside will cause nothing but a headache and grief, so you need to ensure that you are vigilant against these types of threats.
The most important thing you should look out for is where the email has originated from. Legitimate emails from LinkedIn will come from an email address with the suffix of @linkedin.com. If it does not have that suffix, but instead has some weird and unrecognizable email address, delete the email immediately. An example of an email address that can look like it is from LinkedIn but is not is linkedIn.email@example.com. This email does not originate from LinkedIn and is most definitely a LinkedIn phishing email. So before you do anything within the email body, check the email address to ensure it is legitimate.
The next thing you should look out for, as was alluded to earlier, is whether or not the email addresses you by name. If it is a legitimate email from LinkedIn, it should indicate you by name. Any email that addresses you as "Dear Valid LinkedIn User" or "Dear LinkedIn User" or any variation of the sort, you can be pretty sure that it is not from LinkedIn. Delete that email and continue with your day.
Another sign to look out for is poor grammar within the body of the email. It is rare that LinkedIn will send out an official email to their users that is filled with grammar and spelling mistakes. If the body of the email seems incoherent and rambles on and on, there is no reason to continue reading. The email is obviously not from LinkedIn, and can be ignored and deleted.
If you, however, end up clicking on a link in what appears to be a legitimate email from LinkedIn and it opens a web page that seems to be the LinkedIn website, you should also take caution with this site. Make sure that the URL is the correct URL for LinkedIn. If it is for another site, close your browser and delete your email.
You can also look for signs throughout the page that aren't consistent with the regular LinkedIn site. Sometimes the color of the site might be off, other times there might be incorrect spelling or grammar, and other times it might be something as simple as the copyright date being off. Any little thing that looks off to you can be an indication that it is not a legitimate site.
However, sometimes the URL will be correct, as the scammers have created a deceptive page within LinkedIn. These can be harder to decipher if they are scam related, but you should still look out for any signs that show it is not a legitimate site.
If you are being asked to log in to your account, close your browser and log in to LinkedIn the way you normally do. Or if you are still unsure, contact LinkedIn directly to find out if what you are seeing is a scam, because it is far better to be overly cautious than to allow a scammer access to your account.
How to report the Linkedin Unflag Feature scam:
Make your family and friends aware of this scam by sharing it on social media using the buttons provided. You can also officially report the scammers to LinkedIn using the link below:
How to protect yourself more:
If you want to be the first to find out the most notorious scams every week, feel free to subscribe to the Scam Detector newsletter here. You'll receive periodical emails and we promise not to spam. Last but not least, use the Comments section below to expose other scammers.