Warning: A Linkedin Phishing Campaign Is Targeting Executives
KnowBe4, Tuesday, February 3rd, 2026
A phishing campaign is abusing LinkedIn private messages to target executives and IT workers, according to researchers at ReliaQuest. The messages attempt to trick victims into opening an archive file, which will install a legitimate pentesting tool.
'A critical element of this attack was the use of a legitimate, open-source Python script designed for pen-testing,' ReliaQuest says. 'Relying on publicly available tools means less effort for attackers and allows them to reduce costs and detection risks-all while lowering the technical barrier to entry.'
The researchers stress that the abuse of legitimate tools makes the campaign more likely to bypass security defenses.