LinkedIn scams and spam have become a major nuisance for anyone using the professional world’s most popular networking service. Boasting over 400 million users, LinkedIn is a prime target for scammers looking to connect with professionals in a variety of industries including Information Security and Oil and Gas.
Those opportunities to learn more about the world, to find out what you love, and to engage with distant followers are certainly exciting despite the risk of connecting with new people who might be more foe than friend. Such is the dynamic nature of those platforms.
However, scammers are adaptable insofar as they are willing to stalk users even on more business-oriented sites where connections carry professional gravity.
This point is evident in how fraudsters use common types of LinkedIn scams in an attempt to trick LinkedIn users.
LinkedIn Scams 1: Fake Job Offers:
This scheme uses the same lure as the money-based “work from home”. Users receive a LinkedIn message from someone claiming to be a job recruiter.
The spammer outlines the details of a high-paying job, the duties of which can be performed from anywhere. To assuage users’ skepticism, they commonly say that the offer is 100% legitimate. But when payday comes around, there’s no paycheck to be found.
Irene, a job seeker who had been working from home for several years, explains what happened when she fell for this scam:
In some instances, the company just disappears without a word in an attempt to avoid paying employees for their work. It is, therefore, important that users exercise caution if they are offered a job over a LinkedIn message.
LinkedIn Scams 2: illegitimate Contact Request
Sometimes a misleading message isn’t the worst part of a LinkedIn scam. In some cases, it’s connecting with another user who you might not know.
One of the most common uses on LinkedIn is a fake connection invite email from another member. Alison Doyle, a job searching expert with About Careers, explains that the invite usually comes with a link that invites the user to either visit their LinkedIn inbox or to automatically accept the invitation. If the user clicks on the link, they are redirected to a website that downloads malicious software such as the data-stealing ZeuS malware onto their computer.
Users should always be careful when clicking on suspicious links in their emails. If they receive an e-mail invitation to connect with another LinkedIn member, they should log into their accounts and review their connection requests there.
If you think, you have fallen to such scams, consider scanning your computer for potential malware.
LinkedIn Scams 3: Dating/Romance Scam
Though LinkedIn is meant to be a platform for professional business connections, that doesn’t deter scammers from using the prospect of romance as a lure to reel in unsuspecting users.
Alexandra Cain of The Sydney Morning Herald recalls receiving a fake romantic missive in her LinkedIn inbox a few years ago. The message read as follows:
These messages are no doubt meant to entice a user into communicating with the scammer off of LinkedIn. Once the scammer obtains the user’s email, they can store it for future spam campaigns. They can also work the user further and try to convince them to visit a website that hosts malicious software.
That is not to say that romantic connections are impossible on LinkedIn. But if someone is truly interested in you, they should at least address the message to you specifically, i.e. include your name, and not send out something generic. If it is the latter, they’re probably a spammer.
Help The Community By Spreading Awareness. Share It On LinkedIn
LinkedIn Scams 4: Spear Phishing Scam
In order to market themselves to potential employers and professional business connections, many LinkedIn users flesh out their profiles with details regarding where they work, the causes that they support, and the skills that they possess.
Together, these bits of data provide scammers with more than enough information to launch spear-phishing –or in the case of executives, “whaling”–attacks against entire companies.
If one of those attacks succeeds and the scammer obtains access to an employee’s credentials, they could potentially gain access to sensitive corporate information and/or compromise the PII of thousands of workers, as was the case in the recent data dump of DOJ workers’ information.
To protect your account credentials against scammers, make sure that you treat emails from people you don’t know with caution. In particular, do not click on any suspicious links or open any unknown email attachments.
LinkedIn Scams 5: Spear Phishing Scam
We have seen these 419 scams flood our Spam folders for years, so it is only fitting that we would come across them on LinkedIn from time to time.
Jennifer Jones, a partner at Social Media Today, explains how she came across one such scam when she was contacted by “Jonathan Salisbury,” who claimed he worked for the Royal Bank of Scotland as a Senior Relationship Manager in Corporate Banking.
The scam message informed Jennifer that she had inherited millions of dollars from a deceased relative and requested that she contact “Jonathan” via email if she were interested in claiming the money.
Had they connected outside of LinkedIn, “Jonathan” would no doubt have pressed for Jennifer’s financial information under the guise of a necessary money transfer processing fee. Jennifer would then have lost thousands of dollars in the process, and there’s no way she would have received her millions.
Fortunately, Jennifer was wise to the scam from the beginning. She never contacted “Jonathan” over email and instead reported the message to LinkedIn. If you ever receive an advanced fee scam message on LinkedIn, please make sure you do the same.
Help The Community By Spreading Awareness. Share It On LinkedIn
How To Identify A Fake LinkedIn Profile?
Most of these fake accounts follow a specific pattern:
1. They bill themselves as recruiters for fake firms or are supposedly self-employed
2. They primarily use photos of women pulled from stock image sites or of real professionals
3. They copy text from profiles of real professionals and paste it into their own
4. They keyword-stuff their profile for visibility in search results
Under the guise of a recruiter, these fake LinkedIn accounts have an easy entry point into the networks of real business professionals. Real recruiters already use the service as a way to find potential candidates. LinkedIn users expect to be contacted by recruiters, so this ruse works out in the scammers’ favor.
Fake profile photos
Many of these fake LinkedIn accounts use unoriginal photographs. Their profile photos were found on stock image sites, other LinkedIn profiles, or other social networking sites. We were able to confirm this by using reverse image search tools like TinEye and Google’s Search by Image.
Copy and pasted summary and experience
When reviewing these fake LinkedIn accounts, we observed that the text used in the Summary and Experience sections were usually lifted verbatim, though were sometimes modified, from real professionals on LinkedIn.
If you suspect that you’ve identified a fake LinkedIn account, you can report it here.
Social networking sites are a useful tool for connecting with friends and colleagues. But we must remember that like on any website, scammers prowl these platforms for unsuspecting users. As you build your connections on LinkedIn, remember to keep an eye out for the scams explained above.
Make Sure To Share It With Your Contacts On LinkedIn.
For more useful tips, follow us on LinkedIn HERE.