Sign up for our newsletter!
Its investigation uncovered dozens of fake accounts on the social network, across a variety of industries.
Posing as recruiters, the fake accounts allow hackers to map the networks of business professionals and gain the trust of those in them.
By making these connections, criminals can entice users to give up personal details, direct them to malware-laden websites and, if they can get their email addresses, launch spear-phishing campaigns - targeted emails that aim to steal personal information.
"LinkedIn users expect to be contacted by recruiters, so this ruse works out in the scammers' favour," it said in its report.
Under the guise of a recruiter, these fake LinkedIn accounts have an easy entry point into the networks of real business professionals. Real recruiters already use the service as a way to find potential candidates. LinkedIn users expect to be contacted by recruiters, so this ruse works out in the scammers’ favor.
Most of these fake accounts follow a specific pattern:
Fake profile photos
Many of these fake LinkedIn accounts use unoriginal photographs. Their profile photos were found on stock image sites, other LinkedIn profiles, or other social networking sites. We were able to confirm this by using reverse image search tools like TinEye and Google’s Search by Image.
The fake LinkedIn accounts stuff their profiles with keywords like "Reservoir Engineer", "Exploration Manager", and "Cargo Securement Training" to gain visibility through the site’s built-in search functionality. During our investigation, we found recruiter accounts keyword-stuffing terms tied to the Logistics and Oil and Gas industries.
LinkedIn advice: Be skeptical
Users of LinkedIn should be very skeptical of who they add to their network. If you’ve never met the person before, don’t just add them. We weren’t surprised to learn that these fake LinkedIn accounts received endorsements from real users.
There are a few ways users can identify these types of accounts: