How Software Engineers Can Avoid Fake Recruiter Scams on LinkedIn

Scams targeting software engineers on LinkedIn are on the rise — especially in Web3 and AI. From fake recruiters sending “technical test” links to dodgy requests for running code, attackers are using increasingly sophisticated methods to steal data, access wallets, or compromise devices.

In a recent LinkedIn poll I ran, 72% of engineers said they’ve been targeted by a fake recruiter scam.

If you’re actively interviewing with companies, here are some practical ways to protect yourself:

Scams targeting software engineers on LinkedIn are on the rise — especially in Web3 and AI. From fake recruiters sending “technical test” links to dodgy requests for running code, attackers are using increasingly sophisticated methods to steal data, access wallets, or compromise devices.

In a recent LinkedIn poll I ran, 72% of engineers said they’ve been targeted by a fake recruiter scam.

If you’re actively interviewing with companies, here are some practical ways to protect yourself:

🚩 Red Flags to Watch Out For

Unverified “technical test” links → Beware of shortened or masked URLs, non-company domains, or random sites asking you to log in.

Requests to run local code → No legitimate recruiter will ask you to run scripts or binaries on your machine.

Dodgy file attachments → Real companies use Google Docs, Notion, or secure platforms. If someone sends you a Word doc or ZIP file, don’t open it.

Pressure tactics → Scammers push urgency (“you must complete this test today!”) to make you skip checks.

Unverifiable recruiter/company → Sparse LinkedIn profiles, no company website, mismatched email domain or websites that look incomplete or obviously templates with lorem ipsum text.

Asking for a deposit / fee → Recruiters engaged by a business should never ask for a fee or deposit or any sort of fiat or crypto transaction.

🔒 How to Protect Yourself

Verify the recruiter → Check LinkedIn history, mutual connections, company affiliation, and endorsements. If they are a recruiter in your space there’s a high chance you’ll have some mutual connections.

Google the company → Might be an obvious one but worth doing a quick check and see if there’s any information that correlates to their LinkedIn profile or company page - or a Reddit feed might occur with someone who’s had an issue with the company.

Check the company domain emails → Real recruiters send emails from company domains, not Gmail/Yahoo/Outlook.

Check the actual website domain → Legit companies will have a website with contact information and links to founders/leadership, references, or reviews, etc - if it looks freshly launched with a template - I’d be concerned. 

Ask about the process → Legit recruiters will explain the hiring stages, platforms used, and who you’ll meet, ask for the hiring managers LinkedIn or Google Scholar profiles - dont be afraid to ask what their relationship is with the company? Who is their relationship at the company? Do they have an agreement in place? ‍

Stick to trusted tools → HackerRank, Codility, Coderbyte, or official company portals — not random download links.‍

Pause if it feels off → Scammers thrive on speed. Take time to double-check before clicking or downloading anything.

‍💬Final Thoughts

Scams are becoming more targeted, especially in Web3 where wallet access is a prime target. As an engineer, you’re not just protecting yourself — you may also be protecting the company you work for.

Stay cautious, trust your instincts, and remember: a genuine recruiter will never be offended if you ask for verification.