Hackers Using Fake LinkedIn Profiles to Steal your Information

Hackers Using Fake LinkedIn Profiles to Steal your Information

Top 15 Best Android Hacking Apps for Script Kiddies and Security Experts | 2016 List
Hackers Hijacked Mark Zuckerberg’s Twitter and Pinterest Accounts
Vodafone Says Hackers Got Access To Bank Details Of 1,827 Customers In A Recent Attack

Now hackers are targeting the business-oriented social networking service, LinkedIn to seal users information. Hackers are using fake LinkedIn profiles and posing as career recruiters to connect with professionals and lure them to their phishing campaigns. The hackers have also been seeking to connect with professionals from various industries such as oil and gas, and information security.

Symantec discovered that the fraudulent accounts allow hackers to gain trust in them and map networks of business professionals and then direct them to malware-loaded websites where they can get their email addresses and launch spear-phishing efforts. LinkedIn has teamed up with Symantec to remove the identified fake accounts.

Also Read : Hackers Are Selling Lifetime Access To Netflix, HBO, Spotify And More For Less Than $1

“Most of these fake accounts have been quite successful in gaining a significant network – one had 500 contacts. Some even managed to get endorsements from others,” — said Dick O’Brien, Symantec researcher.

Specific Pattern Follow by Fake LinkedIn Profiles

According to Symantec, most of these fake LinkedIn profiles follows a specific pattern:

  • They bill themselves as recruiters for fake firms or are supposedly self employed.
  • They primarily use photos of women pulled from stock image sites or of real professionals.
  • They copy text from profiles of real professionals and paste it into their own.
  • They keyword-stuff their profile for visibility in search results.

Also Read : Kyocera Launches a New Soap Proof, Washable Phone

Fraudulent LinkedIn Profiles

Fake LinkedIn account for a “Recruiter manager” | Image Source : Symantec

Fake LinkedIn profiles are mostly posing as recruiters because that make an easy entry point into the networks of real business professionals. Real recruiters already use the service as a way to find potential candidates. LinkedIn users expect to be contacted by recruiters, so this ruse works out in the scammers’ favor. Many of these fake LinkedIn accounts use unoriginal photographs. Their profile photos were found on stock image sites, other LinkedIn profiles, or other social networking sites. And these accounts also have copy and pasted summary and experience  from real professionals on LinkedIn. The fake LinkedIn accounts stuff their profiles with keywords like “Reservoir Engineer”, “Exploration Manager”, and “Cargo Securement Training” to gain visibility through the site’s built-in search functionality. And Symantec also warns users that if you never met the person before, don’t just add them.

Also Read : Now Facebook Will Notify If Your Account Is Being Hacked By An Attacker Working On Behalf Of A Nation-State

How to Identify Fake LinkedIn Profiles

Symantec also provide some tips to users to identify these fake LinkedIn profiles :

  • Do a reverse-image search or download the TinEye browser plugin to cross check the photos from suspicious accounts.
  • Copy and paste profile information into a search engine to locate real profiles.
  • If someone you know is already connected with one of these fake accounts, reach out to them and find out how they know them.

And also if you suspect that you’ve identified a fake LinkedIn account then report it through this link and help to remove them from LinkedIn.

Also Read : What Are Phishing Scams And 10 Tips To Avoid Them