Pagoda Blog

LinkedIn is valued as a safe space for professionals to connect with others in their business community and stay up to date on the latest industry trends and opportunities. 

 

According to the 2022 Insider Intelligence Report, LinkedIn is the second most trustworthy site in the U.S. (Pinterest is the first.) The fact that we put so much trust in LinkedIn, however, makes users vulnerable to a rising number of scams. The ways in which we intuitively use LinkedIn, often with blind trust in the platform’s credibility and security, can put ourselves, and our employer, at risk. 

 

Below are just a few ways you may engage with the platform that opens the door for scammers: 

 

- Because it is a networking site, you expect to receive direct messages from people you don’t know. 

 

- You readily connect with strangers in an effort to build your network, expand your professional opportunities, and further your career. 

 

- Like any social networking platform, paid accounts can use sponsored posts to reach new potential customers, meaning your feed will include content from accounts you don’t follow. 

 

- In an effort to attract relevant talent, job opportunities, or followers, you share a wealth of sensitive information with the public, such as your employer, past work experience, job skills, interests, and contact information.   

 

Now, don’t get us wrong. We love LinkedIn and believe in the value it provides for business professionals. Like any social media platform, however, you should use it with caution and be aware of the risks. 

 

Related post: How to Safeguard Your Twitter Account

 

Let’s look at 3 common LinkedIn scams and how to spot scammers or fake accounts so you can continue networking without putting your security at risk.  

 

3 common LinkedIn scams 

Scammers lurk everywhere on the internet these days, and LinkedIn is no exception. It’s important when using any social media platform to be aware of these scams so you can avoid engaging with accounts seeking to gain access to sensitive information like your credit card or company network. Here’s what to look out for when interacting with other users on LinkedIn.   

  

1. Fake accounts 

Scammers have long used fake accounts to mask their identity and con people into taking an action that reveals their bank account or credit card number or other sensitive data. A scammer with a fake account will likely use several tactics over an extended period of time to gain your trust. They may target your account with a series of ads in your news feed, ensuring that you recognize the brand, which increases your trust in the company, before making an ask. They may also send you a job offer or invite you to join a group before requesting a payment or sharing a link to a malicious file. 

 

With the sophistication of artificial intelligence bots, there’s actually been a huge uptick in the number of fake accounts on LinkedIn. LinkedIn reported that it removed more than 15 million(!) fake accounts in the first six months of 2021. 

 

Why so many fake accounts? Well, AI can now create convincing computer-generated faces that take a trained eye to spot as fake. In fact, a recent study found that people have only a 50% chance of guessing correctly if an AI-generated face is real or not. These computer-generated profiles are often used to replace real sales people. The company may create a fake sales team with multiple AI-generated LinkedIn profiles that target individuals who may be interested in their service or product. Once the targeted user expresses interest in completing a sale, they are connected to a real human to finalize the deal. 

 

For now, it is still often possible to spot these computer-generated accounts. Little red flags in the photo and in the user’s profile description can tip you off if you know what to look for. Check out NPR’s article for a helpful breakdown of fake profile pics and job descriptions. (Hint: When the eyes are perfectly centered in the middle of the photo, that’s a dead giveaway.)  

 

2. Too-good-to-be-true job offers

It’s exciting to get a job offer on LinkedIn. Even if we’re not actively looking for a new gig, it strokes our ego and can entice us to just take a look at the other opportunities out there. However, if you haven’t applied for the position, searched that company recently, or indicated on your profile that you’re actively looking for a job, the offer may be a scam. This is especially true if your job skills don’t match the job description or if it’s a senior-level position that you’re not qualified for. 

 

Often these fake job offers will ask you to pay for training or pay an administrative fee in order to apply. No one should ever ask you for payment over LinkedIn so this is a sign to report the account and stop engaging. 

 

3. Phishing Attacks 

Phishing attacks on LinkedIn can take a variety of forms. Two of the most common involve accessing your profile through a fake job application and posing as tech support via a phishing email. 

 

Accessing/cloning your profile

This type of phishing attack takes the form of a fake job offer. You may receive an enticing job offer that contains a link. Once you click that link, the scammer gains access to your profile allowing them to also gain access to your entire network. They may use this information to create a clone profile so that they can gain access to higher profile targets within your company. 

 

Related post: 11 Ways to Spot a Phishing Email 

 

Posing as tech support 

Scammers may pose as LinkedIn tech support to gain access to your profile or financial information. Typically, you’ll receive a phishing email from a LinkedIn email address that appears legitimate - until you look closer. 

 

Phishing email addresses will often contain additional characters, like a number at the end, so that it doesn’t quite match the company domain. An example might be: support@LinkedIn3.com. 

 

The email will claim that there’s an issue with your LinkedIn account and in order to remedy the issue, you need to click the included link. Once clicked, the link may download malicious software onto your computer, allowing the scammer to gain access to account credentials or install a form of ransomware. 

 

How to spot a LinkedIn scam 

LinkedIn marketing strategist Judi Hayes has a three-step litmus test to identify fake LinkedIn accounts. It involves performing a thorough fact check of their profile, shared content, and their social network. Let’s look at a few of these steps in more detail below. 

 

You don’t have any common connections 

If the person reaching out to you is a complete stranger without a single connection in common, that’s a major red flag. As a rule, it’s a good idea to focus on building a network of people you either know personally or who have common connections. You can also check their location to see if they’re based in your area. 

 

Their endorsements look fake

Endorsements are a helpful way to verify a user’s true identity. Who is endorsing this person and do these profiles look fake? Performing a quick background check of a handful of endorsements by checking out each profile can often immediately alert you to a scam.  

 

They have a doppelganger 

Conduct a search for the person’s current job, name, and work experience to see if there’s another profile that matches. If so, it’s probably a fake account imitating a real one. You can also use a tool like TinEye to conduct a reverse image search to see if their profile pic shows up elsewhere online. 

 

No one’s face is that symmetrical

Computer-generated faces typically have eyes that are perfectly centered in the photo. The background is also often blurry and other features may look ‘off’ such as their hair or jewelry. 

 

Their profile contains sloppy mistakes

How polished is their profile? Are there spelling and grammar errors? Do they list work experience that doesn’t match their current job title? Scammers often use multiple profiles to hook their targets which means they may not pay attention to the little details when creating each one. 

 

No contact information

Fake profiles often don’t include an email or other contact information to get in touch outside of LinkedIn. If there is an email or phone number included, do a quick Google search to verify it’s authenticity. 

 

Their name is too generic

Scammers will typically use a common or generic name so that if you try and look them up, you get multiple matches. This helps mask their identity and makes it harder to confirm if it’s a real account or not. 

 

Keep networking with security top-of-mind

LinkedIn is still a valuable tool for building your professional network and staying relevant in your industry. No online platform is without its risks so simply engage on LinkedIn with eyes wide open. Once you know how to spot a scam or a fake account, you can continue to safely network with colleagues, attract new clients, and find top-tier talent. 

 

Feature photo by Greg Bulla on Unsplash

 

Related posts: 

How to Leverage Technology to Recruit Top-Quality Job Candidates

What to Do If You Receive Blackmail in Your Inbox

The Threat of Third-Party Apps and How to Manage Them    

 

Want to get more posts like these once a month in your inbox? Sign up for the Pagoda newsletter and sharpen your technical skills, from cybersecurity to digital marketing. 

Want IT to serve you better? 

Subscribe

About Pagoda Technologies IT services

Based in Santa Cruz, California, Pagoda Technologies provides trusted IT support to businesses and IT departments throughout Silicon Valley, the San Francisco Bay Area and across the globe. To learn how Pagoda Technologies can help your business, email us at support@pagoda-tech.com to schedule a complimentary IT consultation.