Another creator messaged me asking to collaborate and sent a link to 'discuss details' — could this be a phishing attempt?
It can be. Scammers impersonate other creators or claim to represent them, sending collaboration proposals with a link that leads to a credential-stealing page or malware download disguised as a shared document or media kit.
Last reviewed: 5 July 2026
Explanation
This scam exploits the genuine and common practice of creators collaborating with each other, making an unsolicited proposal feel plausible, especially when it appears to come from an account that looks similar to a real creator's profile, sometimes copying their name and profile picture almost exactly with only a subtle difference. The message typically asks the target to click a link to view a 'collab proposal,' 'media kit,' or 'shared script,' which leads to a fake login page or triggers a malware download.
A more advanced version compromises a real creator's actual account first, through an earlier phishing attack, and then uses that genuine, trusted account to send collaboration links to the creator's contacts or other creators in their network, which significantly increases the credibility of the approach since it comes from a real, familiar profile rather than an obvious impersonator.
Before clicking any collaboration link, especially one requesting a login or file download, it's worth verifying the request through a separate communication channel with the creator, such as a direct message on a different platform or a quick voice or video call, particularly if the account approached you rather than being someone you already had an established relationship with.
Common red flags
- Collaboration proposal comes from an account with a name or handle only slightly different from a known creator
- Link requests a login on an unfamiliar page rather than opening directly in a recognized document or file service
- Message pressures you to respond or click quickly to 'secure' the collaboration slot
- No prior relationship or mutual connection with the creator making the request
- Shared file or link prompts a download rather than opening as expected
- Account making the request has an unusual posting history inconsistent with an established creator
What to do now
- Verify the collaboration request through a separate channel or direct contact with the creator before clicking any link
- Avoid entering login credentials on any page reached through an unsolicited collaboration message
- Check the sender's account details carefully for subtle impersonation signs
- Scan any downloaded file with security software before opening it
- If you clicked a suspicious link and entered credentials, change your password immediately and enable two-factor authentication
- Report the impersonating account to the platform's trust and safety team
Frequently asked questions
How can I verify a collaboration request is genuinely from the creator?
Reach out to them through a different platform, a known contact method, or a quick call to confirm, rather than relying solely on the account that sent the initial message.
What if the account looks completely genuine and has a large following?
A large following doesn't rule out account compromise — genuine accounts can be hijacked through earlier phishing attacks and used to send convincing scam links to the account's existing network.