That’s the advice from Proofpoint — an international internet security firm. Studies by the company have revealed malware campaigns are twice as likely to come from LinkedIn — the networking site for professionals — as from anywhere else.

Their research showed the most effective malware campaigns came from email templates posing as fake “social media connections”, financial account warnings and phony order confirmations.

As well as twice as many campaigns coming from LinkedIn, they also found users were four times as likely to click on bogus campaigns from the social network site.

Deakin University security and social media Professor Matthew Warren said users tend to trust LinkedIn more because they consider it to be a network for “professionals”.

“One of the big problems with LinkedIn is the fake profiles and fake notifications are usually from people who are masquerading as someone you know,” he said.

Mr Warren said people who fall foul of this malware have usually been specifically targeted in a campaign to get information about a particular organisation.

“There’s an issue of spear phishing where you try to attack a specific target based on their profile and the organisation they work for,” he said.

“And that’s what LinkedIn easily allows you to do because you can find a lot of the people who work for that particular organisation.

“While LinkedIn can be a very powerful tool to use professionally, it can also be used in these attack strategies.”

Mr Warren said the problem is most people might not even be aware malware has been installed on their computer.

“The most effective malware is the passive malware that just sits there and just monitors your activities,” he said.

“For particular organisations, it could mean capturing log ins that used on your computer.”

Mr Warren said if you receive an invitation via email, it is always best to visit the site directly instead of clicking on the link.