Focused guide

Fake Interview Scams on LinkedIn

How fraudulent recruiters on LinkedIn use convincing job interview processes to harvest personal data, extract fees, or deliver malware to job seekers.

Part of: Fake Interview Scams

Last reviewed: 8 June 2026

LinkedIn's professional context makes it uniquely effective for fake interview scams. Victims are receptive to outreach from apparent recruiters and hiring managers because that is exactly the kind of interaction LinkedIn is designed to facilitate. A scammer who creates a credible-looking profile representing a recognisable company can initiate contact that feels entirely normal.

The scam may pursue several objectives simultaneously: collecting personal data through fake application forms, extracting processing fees disguised as onboarding costs, or — in targeted attacks — delivering malware through a job description document or 'assessment tool' that the candidate is asked to download.

LinkedIn's job-seeker community skews toward professional and higher-income individuals, making it an attractive target for both financial and data-harvesting fraud.

How this scam works on LinkedIn

A recruiter with a convincing LinkedIn profile — complete with a professional photo, plausible work history, and connections with mutual contacts — sends a direct message or InMail describing an appealing role at a recognisable company. The message is personalised enough to suggest they have reviewed the target's profile.

The target is invited to a virtual interview, often conducted via an unfamiliar video platform, or exchanges are handled entirely through LinkedIn messaging and email. The process mimics legitimate interviews closely, with competency questions, company background materials, and a follow-up offer letter. Before the 'start date,' the target is asked to pay for a background check, equipment, training access, or an onboarding portal subscription.

In malware variants, the target is sent a 'skills assessment' file or 'role briefing' document containing an executable or macro that installs credential-stealing software when opened.

Common red flags

Recruiter profile was created recently or has few meaningful connections
Company name matches a real employer but the recruiter cannot be verified on that company's official website
Interview conducted on an obscure video platform or entirely by text without a live call
Request for payment for background checks, equipment, or onboarding tools
Job description document asks you to enable macros or is an executable file
Offer received after a single, brief interview with no technical assessment for a highly skilled role
Offer letter contains spelling errors, non-standard clauses, or a payment request before start

How to protect yourself

Verify the recruiter exists by searching the company's official website for their name and team page
Contact the company's HR department directly using contact details from the company's official website
Never pay any fee during a hiring process regardless of how it is labelled
Do not open unsolicited documents or run assessment tools without first confirming their source
Use LinkedIn's 'Report' feature on any profile you suspect is fraudulent

How to report it

Report the fraudulent profile and conversation to LinkedIn via the report function on the profile or message
If money was lost, file a report at reportfraud.ftc.gov (US) or Action Fraud actionfraud.police.uk (UK)
Alert the real company whose identity was used so they can notify their employees and customers

Frequently asked questions

How can I tell if a LinkedIn recruiter profile is fake?

Look for recently created profiles, stock-photo profile pictures (reverse image search them), and a work history that cannot be verified on the company's official website. Genuine recruiters are findable on LinkedIn company pages and via HR department contact.

Is it safe to download a skills assessment sent by a recruiter on LinkedIn?

Exercise caution. Verify the recruiter's identity independently before opening any document. Never enable macros in Office files or run executable files sent by someone you cannot verify.

How this scam works on LinkedIn

In malware variants, the target is sent a 'skills assessment' file or 'role briefing' document containing an executable or macro that installs credential-stealing software when opened.

Common red flags

Recruiter profile was created recently or has few meaningful connections

Company name matches a real employer but the recruiter cannot be verified on that company's official website

Interview conducted on an obscure video platform or entirely by text without a live call

Request for payment for background checks, equipment, or onboarding tools

Job description document asks you to enable macros or is an executable file

Offer received after a single, brief interview with no technical assessment for a highly skilled role

Offer letter contains spelling errors, non-standard clauses, or a payment request before start

How to protect yourself

Verify the recruiter exists by searching the company's official website for their name and team page

Contact the company's HR department directly using contact details from the company's official website

Never pay any fee during a hiring process regardless of how it is labelled

Do not open unsolicited documents or run assessment tools without first confirming their source

Use LinkedIn's 'Report' feature on any profile you suspect is fraudulent

How to report it

Report the fraudulent profile and conversation to LinkedIn via the report function on the profile or message

If money was lost, file a report at reportfraud.ftc.gov (US) or Action Fraud actionfraud.police.uk (UK)

Alert the real company whose identity was used so they can notify their employees and customers

Frequently asked questions

How can I tell if a LinkedIn recruiter profile is fake?

Is it safe to download a skills assessment sent by a recruiter on LinkedIn?

Exercise caution. Verify the recruiter's identity independently before opening any document. Never enable macros in Office files or run executable files sent by someone you cannot verify.