A recent report from Check Point Research revealed a shocking statistic – the Microsoft-owned business platform LinkedIn is impersonated in nearly half of all phishing attacks globally.
One of the ways scammers leverage LinkedIn to deploy their phishing attack is when they zero in on anyone seeking a new job or career change. While e-mails like “You have 1 new invitation” or “Your profile has been viewed by 63 people” can be authentic, it’s critical to verify the e-mail address it’s sent from to ensure that it’s genuinely from LinkedIn. These impersonators will send e-mails that look identical to the real ones, with links to fake LinkedIn pages that will rip off your information as soon as you enter it.
Another way cybercriminals leverage LinkedIn is by creating fake profiles and messaging people about job opportunities. Once you’re on the hook, they’ll either ask for a small payment upfront to process your application (that you’ll never see again) or send you a link to a form you must fill out that’s actually a phishing link in disguise.
LinkedIn is aware of the problem and is working on developing advanced security features to protect its users. Here are three of the current security features it has already deployed:
1. Suspicious Message Warnings – LinkedIn’s technology can detect messages from people who are attempting to take you off the platform or are saying something potentially inappropriate, and will send you a warning notification.
2. Profile Verification – This feature allows you to verify your page’s authenticity. By submitting an additional form of ID, you can get a verification badge on your profile, so anyone who looks at it knows you are who you say you are. This is a valuable feature since scammers are always looking for fresh targets and have pages that get shut down quickly, so they don’t often bother keeping information up-to-date.
3. Profile Information – This feature allows you to see the details of a person’s profile to help you determine whether or not to respond to a message, accept a connection request, trust an offer, etc. Under your profile, if you click “More” and select “About this profile” from the drop-down menu, you’ll see information like:
- When the profile was created.
- When the profile was last updated.
- Whether the member has verified a phone number.
- Whether the member has a work e-mail associated with their account.
4. AI-Generated Profile Picture Detection – Scammers will use AI to generate realistic profile pictures of fake people to create fake profiles used to scam users. Scarily, LinkedIn’s research showed that users were generally unable to visually distinguish real faces from these synthetically generated ones. As a result, LinkedIn partnered with Academia to develop and deploy advanced detection features that allow LinkedIn to detect AI-generated profile pictures and shut down their profiles before they cause problems.
Do you use LinkedIn to find jobs, employees or clients? It’s a great resource for business, but it’s important to stay secure. However, LinkedIn’s features are just the first line of defense. If someone in your organization were to fall for a scam and click a bad link, would your internal security solutions be enough to protect your network?
We can help you find out. We’ll do a FREE Security Risk Assessment to help you determine if your network is vulnerable to any type of attack. To book yours, call us at 585-343-2713 or click here to book now.
