There has been news lately highlighting a trend in hackers using LinkedIn, the popular social media platform for professionals looking to connect with like-minded individuals, to dupe unwitting victims. This includes the creation of fake profiles with the aim of stealing personal information. The fake profiles pose as recruiters and quickly begin to add contacts in the field of their chosen victim. Once they have what appears to be a reputable profile, they then add their victim as a contact having gained their trust as they usually have lots of common contacts in the related sector.
The text that is used for the fake profiles is usually copy and pasted directly from other sources, usually genuine profiles. The accompanying profile photo, which is generally of a woman, is also taken from other professional profiles or, in some cases, a stock photo. It is also revealed that they use keywords such as “reservoir engineer”, “exploration manager” and “cargo securement training” which are likely to help them to attract visibility through the site’s built-in search engine. The majority of the terms relate to the logistics, information security and oil and gas industries.
Boasting over 400 million users worldwide, LinkedIn is seen as a way for professionals to create circles of similar workers in their sector with the aim of using the platform as a form of self-promotion, doing away with the traditional methods of job hunting. It has also become a valuable tool for businesses, who are able to head hunt top talent as well as posting content relating to their company.
In response to the fears of its many users, LinkedIn said: “We investigate suspected violations of our Terms of Service, including the creation of false profiles, and take immediate action when violations are uncovered. We have a number of measures in place to confirm authenticity of profiles and remove those that are fake. We encourage members to utilize our Help Center to report inaccurate profiles and specific profile content to LinkedIn.”
Some advice for users who may be concerned that they are at risk include doing a reverse image search by dragging and dropping the profile picture into Google Images and seeing what it brings up. You can also copy and paste the job information in Google to reveal whether it has been taken from somewhere else.
Seeing as this isn’t the first time that there have been concerns over fake profiles and spamming on LinkedIn, it might be worth your while to do a quick bit of research before you accept a new contact. As always, it pays to be careful with information that you share online as it can save you many potential problems in the future.
The post Beware of the hackers hiding behind fake LinkedIn profiles appeared first on MediaCenter Panda Security.