As of 24 March 2022, LinkedIn has 810 million members across 200 countries. This is impressive and indicates how popular the platform is among professionals. It enables anyone in the world to see another’s professional background and contacts. In effect, this helps you stand out from the crowd during job searches and screening processes. It’s not all plain sailing, the platform has also attracted scammers.LinkedIn scams have grown more than other social media sites.
In most cases, it’s due to the trust associated with users being professionals. That’s to say, users assume all users are like them; professionals. This false sense of security plus the potential for credible connections from strangers makes it a scammer’s dream!
To protect yourself from LinkedIn scams and prevent falling for scams, you’ll need to know more about them. In this article, I’ll take you through all the latest scams and how you can spot fake accounts. First, let’s look at why scammers are targeting LinkedIn users.
Why Are LinkedIn Scammers Targeting You?
Insider Intelligence states LinkedIn is the #1 digital trustworthy site in the United States. LinkedIn isn’t a place where you have flame wars, baby photos, and memes on your feed. Instead, it’s a professional site. It all boils down to credibility. On LinkedIn, you expect everyone on the platform to be like you. You expect them to have the same professionalism you do.
Unfortunately, you might lower your guard, thinking anyone is reliable. This makes you easy prey for scammers seeking trusting LinkedIn users to take their bait. To make things worse, LinkedIn users expect messages from users they may not know about credible job offerings. You’ll get job offers, news in your field from inside sales teams, and brand awareness messages. To compound the issue, automated artificial intelligence bots are being used to target sales to specific professionals.
LinkedIn scammers use similar processes to target users; not too different from a sales team. You might become a target as your vulnerability increases during job searches. This is like a sales prospect in need of an offering from a vendor.
In general, most cybercriminals use job scams to target potential victims on LinkedIn, but you can expect others. To help you with this, let’s take a look at the 4 most common LinkedIn scams you’ll need to watch out for.
Get The Latest Cybersecurity News
4 Common LinkedIn Scams
Below are 4 common LinkedIn scams you should keep in mind when job seeking. This will help you take precautions, so you don’t fall for them.
1. Fake Accounts
Scammers create fake profiles because they don’t want to reveal their true identities. They’ll try to make them look as legitimate as possible. In this scenario, they’re never fully successful.
Most LinkedIn scams will use fake accounts to help deliver their scam. These can vary widely from fake job applications to confidence plays. You might even get a message to pay service fees during the fake job scam.
The funneling process for this scam may be direct during the first interaction but it needs time to win a person’s confidence. Most scammers will hold off until they have sold you the idea fully. In a sense, this is similar to a sales validation process. To that end, professional scammers will even use a sales funnel that they apply to their target demographic.
You’re also likely to encounter other scams that work the same way. For instance, when you’re contacted about an inheritance where a transfer fee needs to be paid upfront.
Alternatively, you may be working to procure resources, like chemicals and equipment. Fake accounts may convince you to send money to pay delivery fees for ‘free samples’ sent from a manufacturer. In this scenario, scammers target you based on your job role and what company you work at.
Above all else, remember you’ll never be asked for any money on LinkedIn. If you get requests at any point of the confidence play, don’t send money, even if it’s a ‘small amount’.
If you’re procuring resources, ensure you contact the company directly and avoid doing any business over LinkedIn. Legitimate contacts will understand your thought process.
You can usually identify fake profiles if you look closely. I have more on that in a later section, so stay tuned. For now, let’s look at another scam you might see!
2. Phishing Attacks
In a phishing attack, you receive links or attachments that are seemingly relevant to a job application. This scam only works if you buy into the message you receive and click the link. When you click these links, you share your account information and login credentials with the scammer. In essence, you’re permitting cybercriminals to access your data.
Attacks can vary here. In most cases, scammers can create a clone of your account and access any hidden links associated with your account. Over time LinkedIn scammers clone your profile, allowing them to gain access to higher-profile targets.
Access to your account and contacts allows scammers to see all your private messages. This gives them access to insider business knowledge. In this case, your information is sold to your competitors or company ransomed to keep the hack quiet. If made public companies can on average spend 18 months regaining client confidence.
This tactic is common among cybercriminals interested in exploiting companies. Often this offers larger payouts that target individual users and gain their confidence. After all, once reported by one user, the game is up.
To that end, avoid clicking links in messages, emails, or social media posts. Profiles can be cloned so don’t trust any link. Failing to do so can bankrupt your entire company.
3. Fake Job Offers
You’re thrilled you got an offer for a senior job position on LinkedIn. Alternatively, a recruiter says a company is interested in your talents. These are both credible scenarios for legitimate offerings, so how do you avoid fake job offers?
Here the scam works by first winning your trust that the offer and person are genuine. In most cases, the user profile and connections are fake. Some however that originate in some unregulated countries can use a real profile to help this trust-building process.
To spot fakes, first, recall if you applied or announced your interest in a new job prospect. Is this connection out of the blue? If you didn’t then your chances of being head-hunted is remote.
Secondly, check the job description, do your skills match the job. If your skills don’t match, it’s a scam. If it isn’t, and the offer is genuine then you’ll likely do poorly in it. In either case, avoid these poorly crafted attempts at gaining your attention.
In most cases, the account holder will ask you to pay for training or an administration fee. This is another red flag since no credible job will ask you to pay in return for employment.
4. Tech Support Attacks
What’s the best way to gain user trust quickly for cybercrime? First, target users of a professional website, like LinkedIn. Next, bestow additional trust through using a fake tech support account!
In this scam, you get an email claiming your LinkedIn account has issues. This could claim anything from it being hacked, an automated payment issue, or similar. The email address will look similar to a professionally reserved email address. Scammers may use a proxy address to help this or replace characters like ‘1’ and lowercase ‘L’. Alternatively, they’ll create an email address that uses the same words but is arranged differently. Above all else, this scam works in part by tricking you into thinking it’s from tech support.
To help LinkedIn scammers, they’ll use an existing email and copy the logo and layout across. Professional scammers will take care when selecting the donor email. In brief, companies send slightly different emails for different uses, getting this wrong can alert the reader.
In any case, the message seems legitimate at face value. The threat lies in the link supposedly redirecting you to LinkedIn to fix the issue. Once you click the link, scammers can inject code into your computer’s flash memory. This can do anything from keylogging to get passwords for further exploitation to adding ransomware software.
Let’s now turn to how you can spot a fake account, scammers’ starting point.
How You Can Spot Fake LinkedIn Accounts
You’ll need to Spot fake LinkedIn accounts if you want to survive the majority of LinkedIn scams. This is difficult but not impossible, here are 12 key things you can look out for when deciding if an account is real or not.
1. Is That a Celebrity?
Some fake accounts use profile pictures of celebrities to be daring. In most cases, however, attackers steal profile pictures from real users. Fake accounts may target men by adding a women’s profile picture and vice versa. If you have doubts or requests from users you don’t personally know, check their profile picture in Google’s reverse image search. You’ll see if the picture appears somewhere else online with a different profile name. If so, it’s a red flag and you’ll need to avoid contact with this ‘person’.
2. Is Premium Status Really Trustworthy?
Experts suggest that premium status is an excellent indicator an account is real. Though most fake accounts don’t hold this premium status, it doesn’t mean premium accounts are off the hook. Some scammers purchase their way to your trust by using a premium service. It makes them seem legitimate in our eyes without checking further. When you see a premium account, don’t immediately assume it’s the real deal.
3. My Friends Think You’re Great?
LinkedIn scammers likely won’t have many connections in common with you. The fake account also won’t have many secondary connections. In this case, you want to check an account’s shared connections. If their number is low, you might risk connecting with a scammer. That said, new accounts can look suspicious even if they’re not. Remember to chase references, and a phone call is relatively inexpensive.
4. Closed Gated Communities?
The main difference between fake and real profiles is the activity in groups. Real people are more likely to join closed groups. They also take part in discussions, even if they’re unverified members. In contrast, LinkedIn scammers will often lurk near targets until someone invites them into an open group. Then, scammers will send you a message saying something like: “I see we both joined this group, so let’s connect.” Keep an eye on these sorts of messages, and don’t connect just for the sake of connecting.
5. Where in the World Are You?
Common sense would tell you not to answer an unknown connection request. This is also true for someone who lives halfway across the world. Ensure you’re connecting with people you know. If you have dealings with others further afield ensure that you are connected to them. Above all else, check out their profile to ensure the details and connections seem reasonable.
6. Where are Your Endorsements?
Real accounts don’t endorse fake accounts, but more fake accounts do. Check account profiles and endorsements together. If these profiles have no substance, their endorsements will lack this too. Avoid these scammers and contact LinkedIn about the connected profiles!
7. Imitation of Life?
Many LinkedIn scammers use the same profile names and profile pictures on different accounts. This includes the same company details or work experience. Search for people with the same name, work experience, current job, and profile. If you get a match, that’s your red flag to avoid this profile.
8. What’s Your Work Experience?
Some fake accounts seem too good to be true. People with positions that don’t match their experience may be LinkedIn scammers. Even if someone tries to connect on the premise you both have the same job role, question it. Don’t trust any claims without doing thorough background checks.
9. A Literal Disparity?
LinkedIn is a website for professionals who will have a degree of literacy. Check for any spelling mistakes or basic grammar issues in the context of the profile. That said, it’s ok if the literacy is above that expected. In these circumstances, the user would’ve likely paid someone to update their profile. Here you’re only interested in checking if it’s worse than expected, not better. Most scammers will not want to waste their time polishing a profile any more than necessary. This is because if the scam fails then they need to quickly create the next scam.
10. How Do I Reach Out to You?
Fake accounts usually don’t include email or phone contact information. If they do, check if the information is real. Open Google Maps and check that the residence associated with the phone number is near the profile user’s claimed workplace. Additionally, try checking other sources for this information, like the listed employers of the account. Get their information directly from an internet search, not LinkedIn. This helps ensure you’re not routed back to the scammer.
11. Why’s the CEO Contacting Me?
If you’re getting requests from people with senior positions in a company, the account could be fake. It’s tempting to accept these connections but think about why they’d reach out to you. If it’s job-related, HR or middle management will contact you; not upper management. This is because upper management pays others to do these repetitive tasks, so they can focus on growing the business.
12. Cliché Names for Gains?
LinkedIn scammers use generic names for their accounts. Uncommon names are easier to search since you might get only a few contact suggestions. This poses a problem for scammers trying to blend in.
For professional scammers, this doesn’t mean they won’t make their websites and supporting content. For instance, they may keep websites and digital material as templates they can rehost when needed. That said this costs time and money which may not lead to profit. In most cases, scammers like cheap and simple solutions, with generic names being easy to implement.
Final Thoughts
Job searching is already stressful and you don’t want to add cyberattack risks to it. Make sure you know how to detect the 4 most common LinkedIn scams and spot fake accounts. You can also make your account private. Simply go to LinkedIn’s privacy settings and decide who sees specific details about you. You can hide your last name and contacts list. Choose Private Mode for the best confidentiality.
Check Out The Cybersecurity Self-Help Guide Book Review
FAQ
Why do LinkedIn scams work?
LinkedIn scams have become more popular over the past few years. Cybercriminals are recognizing LinkedIn users have more trust than other social media platform users. This is because the site is for professionals, and many falsely assume all users are true professionals.
Are premium LinkedIn users scammers?
Many LinkedIn scams occur with premium accounts since they impart trust. If you’re worried about a premium LinkedIn account, then check the profile. If something looks out of place and you haven’t met the person, they could be a LinkedIn scammer.
How do LinkedIn job scams work?
Scammers can go through an elaborate process to make a fictitious job appear real. You may even go through job interviews sending CVs and cover pages to replicate a real selection process. Over time, you think you’ve nailed the job. Sometimes, you trust the process so much that money requests don’t alarm you. Instead, you’d complete the fraudulent process with the goal of job security.
What should I check for when looking at LinkedIn accounts to spot scammers?
Scammer profiles will comprise a difficult-to-search common name. You’ll likely find basic spelling and grammar mistakes, and the credentials likely won’t make sense. Scam profiles are relatively new and only have a few connections. These connections would also be fake and poorly developed. In essence, you’re looking for anything that looks out of place.
Can I hide my LinkedIn profile from others?
Yes, you can hide your LinkedIn profile from others. Go to LinkedIn’s privacy settings and decide who sees details about your profile. Choose Private mode for greatest confidentiality, but this may affect your ability to make new connections. You’ll have to decide what’s best for you.
Resources
What Is a Digital Identity?
Learn what makes up your digital identity and how you can protect it here.
Corporate Measures Against Data Exposure
Discover what your company can do to prevent apps from gaining permission to Microsoft 365 data here.
Intrusion Prevention
Read about the best intrusion prevention systems you can use to ward off attacks in 2022.
Improving Your Cybersecurity Strategy
Get the best cybersecurity policies from this article here.
Enhancing Your Cloud Security
Read everything you need to know on cloud security here.
LinkedIn is behind the times . I’ve been involved in more than 2 scams that aren’t even on this list.
I came across this person in LinkedIn that use the same photo but different name, Ali Hafiz and Ali Rahman working as project manager and senior project manager at Gazprom Company in Russia. How do we check that he is a scammer?
First he ask me to transfer money to a company in German using his account from whiteleaftrust.net.
The secondly, he again asked me to transfer to a company in Dubai but the transaction is unsuccessful, then bank block his account. Due to that, he wants to borrow money from me. So I suspect something wrong is going on. So I stopped.
I had the same experience as you. Came across this guy named Franc Miroslav, but Franc Kovac on email and his bank account which he asked me to transfer money to a few companies to pay for machineries as he is a construction engineer on a project in Turkey where he did not have reception. Then the bank account got blocked as he tried to ask me to help transfer the third time for the delivery of the machines. Then he asked me to help pay for them and when he sorted out with his bank he will pay me back. I suspected something so I didn’t help but continue to talk to see what step he is up to.