We received great feedback on our recently about hacking on LinkedIn . LinkedIn, as a business social network, offers a forum for members to post and view live resumes. It promises opportunities to connect with potential employers, employees, business partners, and clients. On a more psychological level, it appeals to the desire to “see and be seen” – to showcase one’s career, see who is interested, and find out about others’ professional backgrounds.
LinkedIn’s main source of profit, however, is not the average user, but rather those who purchase premium services. These include recruiters, as well as companies looking to boost their search engine profiles or establish business-to-business (B2B) relationships. These also include scammers, spammers, and hackers. What makes LinkedIn unique among social media networks is that most members are seeking to connect with people they do not yet know. This makes it more vulnerable to certain types of threats. Scammers typically pose as employers or recruiters in order to fish for personal information, which they use for identity theft or corporate espionage. Spammers usually send messages advertising products. And hackers increasingly use “spear phishing” messages targeted to members’ specific interests to persuade them to click on malicious links or files. As we discussed in our previous article, human resources departments can play a helpful role in educating employees about cyber threats on LinkedIn and practices that help reduce risk.
How, then, can you tell if an invitation is from a professional in your field, or from someone trying to exploit you?
Five clues can help to identify a fake LinkedIn account:
- Low number of connections. Most active LinkedIn members have hundreds of connections. A LinkedIn member who has fewer than 100 connections and is trying to connect with strangers seems fairly suspicious.
- Executives from Asia. Fake profiles often claim a very senior position in a fictitious company or bank located in Asia.
- Low number of endorsements. Members who are actively using LinkedIn to expand their business network generally make sure to get lots of endorsements first.
- Random connections. A profile with a large number of connections to members in completely unrelated industries may be fraudulent.
- Random job history. Similarly, a profile with a scattered employment history in unrelated industries is likely to be fraudulent.