LinkedIn is a more professional social media platform where connections carry great professional importance. A platform that requires users to put down their personal information like resume, experience, and qualifications so that people can make connections and find you. It also offers opportunities to network with industry experts for first-hand information and exciting new opportunities.
Scammers have been haunting users on social media platforms (Facebook and Twitter) for years, but users are becoming more aware of social media risks and tend to share less personal information on such platforms. The scammers have now moved to stalk users on LinkedIn. LinkedIn has grown to become one of the most popular social networks for professionals with over 645 million users from more than 200 countries worldwide.
Being a professional social platform, most users think that everyone on the platform is a professional therefore users tend to let their guard down making them susceptible to various scams being committed on the platform. The only way to keep yourself safe on LinkedIn is to have knowledge of the types of scams, learn how to identify or watch out for them and protect yourself.
Types of LinkedIn scams include but are not limited to:
SCAM 1. FAKE PROFILES
This scam basically involves someone creating a fake account pretending to be someone they are not professionally e.g. pretending to be someone influential in a well-known organization, example is the different fake profiles of the Group Managing Director of NNPC.
Fake profiles are the origin of most other LinkedIn scams.
The aim here is to be part of your network and gain your trust, once the connection is established, they will move on to other types of scams, by either sending you a fake job opportunity, phishing links, or malicious links that will install viruses and malware, spamming. To protect yourself from such an attack, you must be savvy enough to identify fake profiles.
How to identify a fake LinkedIn profile.
- Check the profile: an incomplete profile normally indicates a fake profile.
- Company check: search for the company the new connection claimed to work for. Search for the company on Google if the company exists. If the company, they claimed to work for does exist watch out for other red flags.
- Spelling mistakes: professional with spelling mistakes in their profiles should be a cause of concern.
- Position: most scammers claim to hold a senior position in the company, a connection request from a senior member of the company should raise an eyebrow. An example of a fake connection request is such a request from the Emir of Dubai.
SCAM 2. IMPERSONATION.
Due to the availability and accessibility of personal information on LinkedIn, scammers use your personal information to create a clone profile pretending to be you. The aim of this scam is to use the cloned information to scam your connections.
Sometimes, scammers use an exciting job opportunity to request personal information such as your email address and phone number. Access to this information can be used to steal your identity and commit crimes leaving the victim in trouble and left to prove his/her innocence. Another form of impersonation is a scammer using your information to create a clone profile with all your information but with a different name, e.g., the profile below is an exact cloned copy of my personal profile.
Reporting a fake profile:
To report a fake profile:
- Click on the more icon on the member’s profile.
- Click on the Report/Block.
- Select Report this profile in the What do you want to do? pop-up window.
- Select the applicable reason for flagging the profile in the tell us a little more pop-up.
- Click Submit.
SCAM 3: PHISHING.
Phishing is a cybercrime technique that uses fraud, trickery, or deception to manipulate you into disclosing sensitive information. In this type of scam, phishers send out emails that look legitimate from a reputable organization. On LinkedIn, the email will look like it is from the LinkedIn team, such email will try to spur you to take urgent action.
For example, you may receive an email telling you of an attempted hack on your profile, the email will have a link to click. The link will take you to a cloned LinkedIn page where there will be a request for your login details. Any information you input on this page will be accessible to the scammers thereby having access to your real LinkedIn account to carry out other scams.
To protect yourself from phishing attacks:
- Always make sure the message is from the LinkedInteamby double checking the email address.
- Never click on a link from a suspicious message, instead try accessing LinkedIn from your browser or the app.
- If you have already clicked the link, do not enter your login details, close the page. If you have already entered your login details, change your password profile as soon as possible.
- Watch out for spelling mistakes and grammatical errors.
Example of a phishing message.
SCAM 4: FAKE JOB OPPORTUNITIES.
LinkedIn is a platform for building professional networks, getting trending information, career courses, and job opportunities.
With a high level of unemployment and the effect of the pandemic, scammers know that job seekers are soft targets for fake job offers. Fake job offers come in different forms. For example, a fake recruiter will offer a remote job with a good salary, ask for a “registration fee” and then disappear immediately after payment.
There are also fake job offers that include malicious attachments or phishing links. Clicking on these links or opening the attachment will expose you to all kinds of attacks/scams. Therefore, whenever you receive a job offer, be careful to diligently research to ensure you are not being scammed.
Example of a fake job posting.
HOW TO BE SAFE ON LINKEDIN
Below are some tips to help you stay safe on LinkedIn.
- Always do a thorough check on a profile before accepting connection requests. Go through their profile and check for red flags as outlined above.
Also, research job offers, the recruiter, and the company being worked for. Most information about legitimate companies can be found on Google.
- Never share personal information online: never share personal information online, be it, addresses, or phone numbers. Legitimate recruiters require just your email address. If a recruiter is asking for more personal information, it is mostly a scam. Think before sharing.
- Any email or InMail message that asks you to click a link or open an attachment is mostly a scam. The attachment probably contains malware, and the link will probably take you to a fake website.
- Double-check the email addresses of messages purportedly from LinkedIn teams and avoid any email with a non-LinkedIn domain.
- Being a professional platform, spelling errors in a message is a red flag.
WHAT TO DO IF SCAMMED
- Report suspicious activities to LinkedIn at email@example.com.
- Delete any email you received from the scammer.
- Run antivirus if you downloaded an attachment from the scammer.
- If you provided any personal information to the scammer like password or bank details. Reset your passwords and contact your bank.
- Report fake/clone profiles.
Today, almost everything is done online and that is the scammers’ hunting field. They are constantly looking for new ways to scam unsuspecting victims. The best way to be safe online is to be aware of the common scams, identify them and know the tricks to avoid them.
Certfort Ltd Services:
Certfort is an ICT organization with highly experienced professionals that can help raise awareness of online threats and offer such services as:
- How to Protect your identity and be safe online e.g., never to share personal information online such as addresses, telephone, or email addresses.
- How to Protect your systems online by regularly updating systems and security software. An updated system is a secure system that is safe from hackers, scammers, and other online threats.
- Train you on the dangers of phishing attacks, how to identify a phishing email/link, and how best to avoid it.
Train you on how to use anti-virus software to remove malicious content from your system.