Number Porting Scams via LinkedIn
Attackers use LinkedIn to research and target high-value individuals for SIM-swap attacks, harvesting the personal details needed to pass carrier identity verification.
Part of: Number Porting Scams
Last reviewed: 1 June 2026
LinkedIn is the reconnaissance platform of choice for SIM-swap attackers targeting professionals and executives. The detailed professional profiles, personal email visibility, and job history on LinkedIn provide the identity data needed to impersonate a target to their mobile carrier and pass security questions.
The attack itself executes over phone or another channel, but LinkedIn provides the intelligence that makes it successful. High-value targets — executives, crypto investors, venture capitalists — are systematically researched before being socially engineered.
How this scam works on LinkedIn
An attacker identifies a high-value target on LinkedIn and notes their employer, job title, likely phone carrier from contact details, and public email format. This information is used to construct a convincing social engineering script for a call to the carrier's customer service line.
The attacker calls the carrier posing as the target, providing the harvested personal details to pass identity verification. They request a SIM swap or port to a new device under a fabricated reason such as a lost phone. The carrier transfers the number, and the attacker uses it to bypass SMS-based 2FA on financial accounts.
In some cases, the attacker uses LinkedIn to directly approach the target with a fake business opportunity to extract the last pieces of personal information needed — home city, birthday — that are not publicly visible.
Common red flags
- Unexpected connection request from someone asking personal questions that seem beyond normal professional networking
- Sudden loss of mobile signal that coincides with receipt of suspicious LinkedIn messages
- Carrier sends verification texts you did not request shortly after responding to LinkedIn messages
- Bank or crypto exchange sends 2FA codes for login attempts you did not initiate
- LinkedIn profile views spike from accounts with no obvious connection to your industry
How to protect yourself
- Limit personal details visible on your LinkedIn profile — home region, birthday, and personal email are not necessary
- Set a carrier account PIN and explicitly request that no SIM changes be made without in-store ID
- Replace SMS-based 2FA on all financial accounts with authenticator app or hardware key
- Enable LinkedIn's two-step verification and review who can see your contact information
- Alert your carrier's fraud team if you receive unexpected verification codes
- Treat any LinkedIn message asking for personal or identity details as suspicious regardless of apparent context
How to report it
- Report suspicious LinkedIn profiles via the profile 'Report' option
- Contact your carrier's fraud line immediately if you suspect a SIM swap attempt
- Report to your national cybercrime authority if financial accounts were accessed
Frequently asked questions
What information on my LinkedIn profile helps a SIM-swap attacker?
Job title and employer (used to pass carrier identity checks), personal email format (to initiate account recovery), phone number if visible, home city, and date of birth. Review your privacy settings to limit what is visible to non-connections.