The Growing Threat: LinkedIn as a hunting Ground for Cybercriminals

In the vast digital landscape, where professional networking platforms intersect with personal branding and business connections, LinkedIn stands out as a powerful tool. Boasting a user base exceeding 1 billion globally, it has evolved into the preferred platform for professionals, executives, and thought leaders spanning diverse industries. However, beneath its polished exterior lies a darker reality: LinkedIn is increasingly becoming a hunting ground for cybercriminals.

Mirthe Van Brussel on March 01, 2024 Average reading time: 3 min
Share this article:
The Growing Threat: LinkedIn as a hunting Ground for Cybercriminals
The Rise of Fake Profiles and Scams:
  • The Fake-Recruiter Phenomenon: Both individuals and companies are creating deceptive profiles and impersonating legitimate recruiters. These “fake recruiters” harbor malicious intentions, ranging from information theft (particularly sensitive business data) to phishing and fraud. Imagine a scenario: a job seeker receives an enticing message from a supposed recruiter offering a dream job. Unbeknownst to them, it’s a trap set by cybercriminals to steal confidential information or commit financial fraud. Or like North Korea, who is using ChatGPT and other AI tools to scam LinkedIn users – and ultimately fund its nuclear weapons program.
  • The Figures Tell The Unfiltered Truth: With a staggering 1 billion profiles, LinkedIn presents a treasure trove for cybercriminals. Shockingly, just two companies TopSocial24 and SocialBD24 managed to create a significant portion (0.04%) of all accounts on the platform. 2 companies created 000 fake profiles in total. A simple 2FA (two-factor authentication) for all users can prevent this. Also, it cleans up death profiles and makes the user base more valuable. But it will possibly also make several hundreds of millions of profiles ‘disappear’.
  • LinkedIn is too open with almost no protection for its users. Compared to platforms like TikTok, Facebook, and Instagram, LinkedIn’s focus on professional connections fosters a more open and transparent environment, making users easier to find, for example, Google. Unfortunately, this openness also translates to less control by users over their accounts, data, and privacy. An interesting hunting ground for people with the wrong idea. The privacy of users should be more protected.
  • CEO Fraud and Targeting New Employees: One of the most concerning threats is “CEO fraud”. Cybercriminals identify new employees, especially those in key positions, on LinkedIn and approach them, impersonating company executives. These unsuspecting employees, believing they are following legitimate instructions, may inadvertently divulge sensitive information or even transfer funds to fraudulent accounts.
Beyond Scams: The Looming Threat of Influence

While the world focuses on social media giants like Meta, for influencing the US and EU elections, the potential for similar manipulation on LinkedIn shouldn’t be disregarded. The platform’s increasing use for non-professional communication, coupled with the ease of creating fake accounts, creates fertile ground for:

  • Spreading Misinformation: Malicious actors can exploit LinkedIn to disseminate false information, manipulate public perceptions on professional topics, and influence business decisions.
  • Astroturfing: Fabricated accounts can be used to create the illusion of widespread support for specific individuals, companies, or ideas, swaying public opinion and potentially impacting market trends.

The recent revelation of services such as TopSocial24 and SocialBD24, providing the establishment of “troll armies,” underscores how effortlessly malicious entities can manipulate online conversations on platforms like LinkedIn.

Combating the Threat: A Multifaceted Approach:

While LinkedIn acknowledges the issue of fake accounts and has taken steps like legal action and verification initiatives, more needs to be done. Implementing stricter measures like:

  • Two-Factor Authentication: Implementing robust security measures, including two-factor authentication, is crucial for LinkedIn. This would significantly reduce the prevalence of fake and inactive accounts, enhancing platform security.
  • Privacy by default: data and privacy control is now a ‘hidden’ option for LinkedIn users. But this should be organized by default like companies such as Work-ID, SkillsCV, and CV Wallet are organizing. It’s to the user to adjust these privacy rights and make them losers. Not the other way around.
  • Promoting User Awareness: It is crucial to educate users about the potential dangers associated with sharing sensitive information and engaging with dubious profiles. Regular alerts and reminders about scams, phishing, and fraud can empower users to safeguard themselves.
  • Vigilance and Reporting: Users must remain vigilant. Thoroughly research the company and the recruiter before engaging in any communication or sharing personal details.

Legitimate recruiters usually communicate using professional email addresses linked to the company they represent. Reporting suspicious profiles and content is essential for maintaining a safe and secure platform. LinkedIn provides tools to report fake profiles. Reporting of ‘wrong’ recruiters can also be done on the recruiter rating platform Recruiterscorecard.com

In a world where influence can shape destinies, LinkedIn’s potential impact cannot be underestimated. As we navigate the digital landscape, let’s recognize both its promise and its perils. LinkedIn, and Microsoft as owners, should protect the privacy of their users. Not to give a carte blanche to cybercriminals, trolls, and political influencers to make LinkedIn a hunting ground for potential victims. And that is besides the additional protection of women that is needed.

 

 

If you liked this article and want more insights on attracting and retaining the best talent in Europe, subscribe to ToTalent’s weekly newsletter. You’ll get exclusive content, events, and expert insights.

Tags:
Share this article:

Premium partners View all partners

Intelligence Group
Ravecruitment
RecruitAgent
Recruitment Tech
Timetohire
Werf&

Read the newsletter about total talent acquisition.