A recent report from Check Point Research revealed a shocking statistic – the Microsoft-owned business platform LinkedIn is impersonated in nearly half of all phishing attacks globally.
One of the ways scammers leverage LinkedIn to deploy their phishing attack is when they zero in on anyone seeking a new job or career change. While e-mails like “You have 1 new invitation” or “Your profile has been viewed by 63 people” can be authentic, it’s critical to verify the e-mail address it’s sent from to ensure that it’s genuinely from LinkedIn. These impersonators will send e-mails that look identical to the real ones, with links to fake LinkedIn pages that will rip off your information as soon as you enter it.
Another way cybercriminals leverage LinkedIn is by creating fake profiles and messaging people about job opportunities. Once you’re on the hook, they’ll either ask for a small payment upfront to process your application (that you’ll never see again) or send you a link to a form you must fill out that’s actually a phishing link in disguise.
LinkedIn is aware of the problem and is working on developing advanced security features to protect its users. Here are three of the current security features it has already deployed:
- Suspicious Message Warnings – LinkedIn’s technology can detect messages from people who are attempting to take you off the platform or are saying something potentially inappropriate, and will send you a warning notification.
- Profile Verification – This feature allows you to verify your page’s authenticity. By submitting an additional form of ID, you can get a verification badge on your profile, so anyone who looks at it knows you are who you say you are. This is a valuable feature since scammers are always looking for fresh targets and have pages that get shut down quickly, so they don’t often bother keeping information up-to-date.
- Profile Information – This feature allows you to see the details of a person’s profile to help you determine whether or not to respond to a message, accept a connection request, trust an offer, etc. Under your profile, if you click “More” and select “About this profile” from the drop-down menu, you’ll see information like:
- When the profile was created.
- When the profile was last updated.
- Whether the member has verified a phone number.
- Whether the member has a work e-mail associated with their account.
- AI-Generated Profile Picture Detection – Scammers will use AI to generate realistic profile pictures of fake people to create fake profiles used to scam users. Scarily, LinkedIn’s research showed that users were generally unable to visually distinguish real faces from these synthetically generated ones. As a result, LinkedIn partnered with Academia to develop and deploy advanced detection features that allow LinkedIn to detect AI-generated profile pictures and shut down their profiles before they cause problems.
Do you use LinkedIn to find jobs, employees or clients? It’s a great resource for business, but it’s important to stay secure. However, LinkedIn’s features are just the first line of defense. If someone in your organization were to fall for a scam and click a bad link, would your internal security solutions be enough to protect your network?
We can help you find out. We’ll do a FREE Security Risk Assessment to help you determine if your network is vulnerable to any type of attack. To book yours, call us at 732-795-5543 or click here to book now.
Why Regular Network Audits are Crucial for Your Business
In today's digital age, the health of your business's network directly impacts operational efficiency and security. Regular network audits are essential, not just for maintaining day-to-day...
Is Your Social Security Number Leaked? Here’s How To Find Out And What To Do Next
By this point, most people’s Social Security numbers (SSNs), a.k.a. one of the most important pieces of data assigned to you, have found their way onto the dark web. Thanks to breaches at major...
Preventing Phishing – Training Your Staff on Recognizing Scams
Phishing scams are among the most common and damaging cyber threats faced by small businesses, especially in areas like Monmouth and Ocean County where many SMBs may not have dedicated cybersecurity...