It’s pretty exciting: you get a connection request on LinkedIn, and it’s someone with a wealth of professional experience and an attractive smile. Then you take a closer look. There are typos, obvious grammatical errors and something about this person just seems too good to be true. At first, this fake profile seems harmless, but there’s more to it than what meets the eye. In fact, accepting requests from fraudulent social media accounts, like on LinkedIn, can open the door to phishing attacks.
What’s the big deal?
Because LinkedIn is a professional networking site with over 400 million users, it is now a prime target for online scams. Symantec, a security company, wrote that it’s seen a rising number of fake LinkedIn accounts and has worked with the site to take some of them down. It recently uncovered dozens of LinkedIn profiles that could be used to send “spear-phishing” email attacks to high-profile professionals.
According to Yahoo Tech, what makes fake LinkedIn accounts more menacing than other fake social media accounts is that they’re more likely to be used by hackers and criminals with the intent to steal your personal information, infect your computer or gain access to a corporate network. Once these criminals get a hold of your contact information via LinkedIn, they can send you malware.
“LinkedIn is the perfect entry point for any scammer trying to gain access to your network,” said Satnam Narang, the senior security response manager at Symantec, in an interview with Yahoo Tech. “Once you’re connected, they might send you an email saying, ‘Check out this great article.’ Once you click the link or open the attachment, you’re infected.”
How can you identify a fake profile?
According to LinkedIn, there are a few qualities that typically indicate fake profiles, and the first is pictures. These profiles are often tailored to their “audience” and will feature a young, attractive man if targeting a woman, and vice versa. One discrepancy you can easily identify is that the apparent age in their pictures usually doesn’t match the work experience in their profiles. These photos often look like stock images, too. If you’re ever uncertain if an image is real or pulled from a stock photo site, LinkedIn suggests doing a reverse image search using tools like TinEye or Google Reverse Image.
The next quality to look out for is what kind of job the person has. Symantec warns that these profiles tend to label themselves as “recruiters.” Under this guise, the fake accounts have an excuse to connect with strangers. This is a popular route for hackers because recruiters frequently use LinkedIn as a tool for their practices, and the site’s users already expect to be contacted by them. Another red flag is if the person holds a very high-level position at a big company. It’s wise to not inflate your own importance when getting a request from this type of profile. If it’s a stranger whose job is something like “CEO of Big Name Corporation,” it’s more likely that the account isn’t real.
It’s also helpful to pay attention to the details of the profile, too. LinkedIn recommends looking at how many connections a person has. Typically, someone with one or two hundred is more likely to be a fake account. Frauds on LinkedIn also tend to “endorse” any and all skills listed by their connections.
It’s important to be selective about who you share information with, especially on social media. If you’re concerned about the impact of social media fraud on your identity, you can invest in a credit monitoring that can alert you to certain activity in your credit files that may indicate fraud. This can give you some peace of mind knowing you’re taking the steps to safeguard your identity.