Hackers using fraudulent LinkedIn profiles
Professionals on LinkedIn are being targeted by an increasing variety of hackers. A slew of fake accounts have been found on the social media platform across many industries.
Symantec discovered that the fraudulent accounts allow hackers to gain trust in them and map networks of business professionals. LinkedIn has teamed up with Symantec to remove the identified fake accounts.
Cyber-criminals persuade users to give up personal details when they make new connections on the network, then direct them to malware-loaded websites where they can get their email addresses and launch spear-phishing efforts.
"Most of these fake accounts have been quite successful in gaining a significant network - one had 500 contacts. Some even managed to get endorsements from others,” said Dick O'Brien, Symantec researcher.
LinkedIn released this statement saying, “We investigate suspected violations of our Terms of Service, including the creation of false profiles, and take immediate action when violations are uncovered.”
Symantec says most of the fake accounts follow a pattern, having profiles that impersonate recruiters at made up firms or self-employed professionals, They also tend to be made up of text copied and pasted from the profiles of real professionals. The researchers advise users to avoid adding people they have never met before to their network of connections.