It turns out that the flurry of LinkedIn messages I got wasn’t a social engineering attack or something else, but a simple LinkedIn bug.
One of my readers (thank you!) let me know that a valid post from the consulting company I work for had my LinkedIn name attached to it. When I reached out to the recruiter who contacted me initially, he was confused and when I provided the link it didn’t show my name anymore attached to it. The person who sent it to me said that my name wasn’t attached to it anymore either.
So the only possible reason this may have occurred is that at one time I had a LinkedIn Company page because I needed it to send pages from my website to the Company page via API. I deleted the Company Page last year when it was clear that I didn’t need it anymore. It is possible that something got confused and acted as though my company page was active, and that I was somehow attached to the current consulting company.
What were the actions that I took to protect myself when I thought that someone may be trying to attack me in LinkedIn? First I went to ChatGPT/Google to see if this was a known scheme. It was, and so I changed my LinkedIn password in my password manager, and also logged out of any sessions from Settings > Login history and logged out of my current session in case there was malware on my computer. Then I logged back in, verified that no other sessions with my account were logged in, and then asked the people contacting me for information to prove the job link. When no one could give it to me, I suspected this was fraud.
When the gentleman above gave it to me about 30 minutes into this little adventure, then like I said earlier the recruiter confirmed it wasn’t them, I have to blame Microsoft/LinkedIn on this.
This sucked away 2 hours of my time responding to people, researching this, resetting my password, talking to the recruiter and ultimately writing these posts today. I hope it doesn’t happen to you.