The LinkedIn “Vendor Review” Scam: How a Polished Profile Tried to Harvest My Business Data
It started with a perfectly normal LinkedIn message
It began the way many LinkedIn conversations do: a clean profile, a professional headshot, and a friendly message about “connecting” and “sharing insights”. Nothing dramatic. Nothing obviously malicious. On the surface, it looked like standard B2B networking.
But as the exchange continued, something felt off.
When the script shows through
The replies were strangely generic. No matter what I said, the responses barely engaged with the specifics. It felt less like a person and more like a script.
Then came the pivot: a recommendation to check out a “trusted” platform for reviewing cybersecurity vendors. The goal was clear—move the conversation off LinkedIn and onto an unfamiliar site.
Pulling the thread: what the investigation revealed
A quick investigation turned the “trusted platform” into a case study in social engineering:
- Almost no genuine activity on the LinkedIn profile
- Inconsistent or vague work history and experience
- No meaningful company presence behind the platform
- A domain that looked purpose-built for data capture, not service delivery
What looked like a real professional was, in reality, a fabricated persona designed to funnel people into a lead-generation and data-harvesting trap.
LinkedIn as an attack surface for SMEs
This is the new reality: LinkedIn is not just a networking platform; it is an attack surface. Fake LinkedIn profiles, AI-written messages, and bogus “review” or “comparison” platforms are being used to:
- Harvest contact and organisational data
- Map your tech stack and suppliers
- Build trust for future phishing or fraud attempts
For SMEs and leadership teams, this isn’t abstract. These interactions can directly feed into targeted attacks, supplier fraud, and compromised decision-making.
Practical checks before you trust
Before you follow a link or sign up to a “vendor review” platform promoted via LinkedIn:
- Verify the company in official registers (for example, Companies House in the UK)
- Run a WHOIS lookup on the domain and check its age and ownership
- Look for real leadership, real clients, and real activity—not just stock photos and buzzwords
- Reverse-image-search profile photos to spot reused or stolen images
- Pause if the conversation feels automated or rushed toward a sign-up form
Cyber security is no longer just about firewalls and tools—it is about recognising when your trust is being engineered.
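The WHOIS check from the list above, as an added example (not code from the original post): it parses a WHOIS record and flags a recently registered domain or a hidden registrant. The sample record, the `.example` domain, the 180-day threshold and the privacy markers are all assumptions made for illustration.

```python
from datetime import datetime, timezone

# Constructed WHOIS output for a placeholder domain (not a real lookup result).
SAMPLE_WHOIS = """\
Domain Name: VENDOR-REVIEWS.EXAMPLE
Creation Date: 2025-01-10T09:14:02Z
Registrar: Example Registrar, Inc.
Registrant Organization: REDACTED FOR PRIVACY
"""

MIN_AGE_DAYS = 180  # assumed threshold for a "young" domain; set your own
PRIVACY_MARKERS = ("redacted", "privacy", "proxy", "withheld")  # assumed markers


def parse_whois(text):
    """Return WHOIS 'Key: value' pairs as a dict with lower-cased keys (first value wins)."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep and value.strip():
            fields.setdefault(key.strip().lower(), value.strip())
    return fields


def assess_domain(text, today):
    """Flag the two signals the checklist names: domain age and ownership."""
    fields = parse_whois(text)
    flags, age_days = [], None
    created_raw = fields.get("creation date", "")
    try:
        created = datetime.fromisoformat(created_raw.replace("Z", "+00:00"))
        if created.tzinfo is None:  # treat a naive timestamp as UTC
            created = created.replace(tzinfo=timezone.utc)
        age_days = (today - created).days
        if age_days < MIN_AGE_DAYS:
            flags.append(f"domain is only {age_days} days old")
    except ValueError:
        flags.append("creation date missing or unparseable")
    owner = fields.get("registrant organization", "")
    if not owner or any(m in owner.lower() for m in PRIVACY_MARKERS):
        flags.append("registrant hidden or missing")
    return {"age_days": age_days, "owner": owner, "flags": flags}


if __name__ == "__main__":
    now = datetime(2025, 3, 1, tzinfo=timezone.utc)  # fixed date for reproducible output
    print(assess_domain(SAMPLE_WHOIS, now))
```

Neither flag proves a scam on its own, since many legitimate domains use privacy services; treat the result as a prompt for the other checks in the list.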
Call to action: Turn this into a defensible process
If you are an SME leader, founder, or IT decision-maker, you cannot afford to evaluate vendors and “platforms” on gut feeling alone—especially when LinkedIn scams are this polished.
At Lockdown Market, we help organisations build a structured, defensible approach to cyber security vendor evaluation—so you can:
- Filter out high-risk or low-credibility suppliers early
- Ask the right security and governance questions
- Document why you trusted (or rejected) a vendor
Ready to turn ad-hoc trust into a repeatable process?
Learn more about our SME Cyber Security Vendor Evaluation Framework:
Explore the framework.