A couple of weeks ago I received a LinkedIn connection request from what appeared to be an attractive young lady of Asian descent. She claimed to be a senior engineer with a prominent U.S. technology company. While immediately suspicious of the profile, I decided to search for other similar profiles linked to this same company.
I identified more than 150 which were created within the previous two to three months. All the profile pictures, many of them computer-generated, were of attractive female and male employees who obtained their undergraduate degree in China, worked for a Chinese technology firm, received their graduate degree from a prestigious U.S. firm, and then obtained a position with this U.S. company. Most of them had under 100 connections. While not writing their own posts, they were aggressively placing likes and/or reposting articles uploaded into the feeds. I immediately brought them to the attention of a senior security executive of the firm.
Many of my colleagues and I are experiencing what appears to be a plague of fake profiles on LinkedIn. As of this writing, LinkedIn claims to have 930 million total profiles. They have also self-reported taking down approximately 80 million fake profiles during 2022. While there are no official estimates regarding the current number of fake personas on LinkedIn, my personal assessment is that they very likely exceed 11 percent. If so, that is more than 102 million.
Many of these profiles will claim to have employment with a prestigious U.S. company. As one example, more than 1,000 fake profiles claiming employment with SpaceX were discovered back in July 2022.
What is the purpose behind these fake profiles?
There are several reasons, depending on the type of human hacker:
Intelligence services use fake profiles to gain access to their targets of interest. The intended purpose is to cultivate them as potential intelligence sources.
Industrial competitors may use fake profiles to collect sensitive information regarding the company where the victim works.
Criminals create fake profiles predominantly for conducting spear phishing attacks. Just as an email can carry malicious links to be clicked on or malicious files to be opened, so too can the messaging feature within LinkedIn.
A more recent development is the creation of fake profiles by fraudsters to connect and develop personal relationships with unsuspecting targets. Having a profile of an attractive, well-educated, and well-placed employee in a prominent company serves to lend credibility.
After gaining additional trust, the person behind the fake profile will draw their victims into Bitcoin scams.
What is the harm in connecting?
Every time you connect with a fraudulent profile, you become an unwitting accomplice in their ultimate scheme. Even if you are not the intended target, you lend credibility to who they pretend to be. Seeing that you and other individuals within your circle are already connected, the next victim is more likely to trust and connect with this same fake profile.
How to avoid falling victim to these alluring, yet malicious, connection requests
Avoid accepting a connection request from anyone whom you do not personally know. If you wish to grow your network by adding unknown personas, follow these procedures:
Carefully review the text of the profile for clarity and logical flow. Grammatical errors or significant gaps in the timeline are red flags. (Cautionary note: AI tools such as ChatGPT help fraudsters polish their profile narrative, so clean text alone is not proof of authenticity.)
While too few connections are a red flag, having more than 500 does not add any credibility. Having numerous mutual connections or endorsements by other members does not add any credibility. Unfortunately, many LinkedIn members accept connection requests as well as endorse people whom they do not know.
Examine the profile photo and consider running a reverse image search on Google to see whether the image was taken from someone else. (Cautionary note: Fraudsters are increasingly using computer-generated images, which a reverse image search will not match.)
Conduct Google searches on this persona. If the only hit that surfaces is this LinkedIn profile, it is likely fake.
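The checks above, together with the cluster pattern described at the start of the article (a burst of new accounts claiming the same employer, sharing a templated career path, with few connections and heavy like/repost activity), can be turned into a simple triage routine. The following is an added example written for this page, not code from the article or from LinkedIn. It scores constructed profile records against each red flag and then looks for clusters that only become visible when profiles are compared side by side. All names, employers, thresholds (90 days, 100 connections, cluster size of 3) and the field names of the Profile record are assumptions chosen to mirror the article's observations.

```python
"""Heuristic triage of LinkedIn-style profile records for fake-persona signals.

Added example, not from the original article. Every profile record below is
constructed sample data, not a real person. The thresholds are assumptions
that mirror the article's observations (accounts a few months old, under 100
connections, no original posts but aggressive liking/reposting).
"""
from __future__ import annotations

from collections import defaultdict
from dataclasses import dataclass

RECENT_DAYS = 90          # assumption: "created within the previous two to three months"
LOW_CONNECTIONS = 100     # assumption: "most of them had under 100 connections"
MIN_CLUSTER_SIZE = 3      # assumption: how many look-alike accounts make a cluster


@dataclass
class Profile:
    name: str
    employer: str
    account_age_days: int
    connections: int
    own_posts: int                  # original posts authored by the account
    reactions_per_week: int         # likes/reposts placed on others' content
    career_template: str            # normalised education/employment sequence
    photo_reverse_hits: int         # matches returned by a reverse image search
    photo_suspected_synthetic: bool # photo looks computer-generated
    web_hits_outside_linkedin: int  # search results not pointing at LinkedIn
    narrative_issues: int           # grammar errors / timeline gaps found in text


def score_profile(p: Profile) -> tuple[int, list[str]]:
    """Return (risk score, triggered red flags) for a single profile."""
    flags: list[str] = []
    if p.account_age_days <= RECENT_DAYS:
        flags.append("recently created account")
    if p.connections < LOW_CONNECTIONS:
        flags.append("very few connections")
    if p.own_posts == 0 and p.reactions_per_week >= 20:
        flags.append("no original content but heavy like/repost activity")
    if p.photo_reverse_hits > 0:
        flags.append("photo found elsewhere (reverse image search)")
    if p.photo_suspected_synthetic:
        flags.append("photo appears computer-generated")
    if p.web_hits_outside_linkedin == 0:
        flags.append("no web presence beyond LinkedIn")
    if p.narrative_issues > 0:
        flags.append("grammar errors or timeline gaps in profile text")
    return len(flags), flags


def find_clusters(profiles: list[Profile]) -> dict[tuple[str, str], list[str]]:
    """Group recent, low-connection profiles by (employer, career template).

    A burst of new accounts claiming the same employer with the same templated
    career path is the pattern the article describes; a profile examined in
    isolation would not reveal it.
    """
    groups: dict[tuple[str, str], list[str]] = defaultdict(list)
    for p in profiles:
        if p.account_age_days <= RECENT_DAYS and p.connections < LOW_CONNECTIONS:
            groups[(p.employer, p.career_template)].append(p.name)
    return {key: names for key, names in groups.items() if len(names) >= MIN_CLUSTER_SIZE}


def triage(profiles: list[Profile]) -> list[tuple[str, int, list[str]]]:
    """Score every profile and return (name, score, flags) sorted worst-first."""
    scored = [(p.name, *score_profile(p)) for p in profiles]
    return sorted(scored, key=lambda row: row[1], reverse=True)


# Constructed sample data: four templated personas and one genuine-looking account.
TEMPLATE = "cn_bsc>cn_tech_firm>us_grad_degree>ExampleCorp"
SAMPLE_PROFILES = [
    Profile("Persona A", "ExampleCorp", 45, 62, 0, 40, TEMPLATE, 0, True, 0, 1),
    Profile("Persona B", "ExampleCorp", 60, 80, 0, 35, TEMPLATE, 0, True, 0, 0),
    Profile("Persona C", "ExampleCorp", 30, 55, 0, 50, TEMPLATE, 1, False, 0, 2),
    Profile("Persona D", "ExampleCorp", 75, 90, 0, 25, TEMPLATE, 0, True, 0, 0),
    Profile("Genuine Engineer", "ExampleCorp", 2900, 480, 12, 3,
            "us_bsc>ExampleCorp", 0, False, 7, 0),
]

if __name__ == "__main__":
    for name, score, flags in triage(SAMPLE_PROFILES):
        print(f"{name:18s} score={score}  {'; '.join(flags)}")
    for (employer, template), names in find_clusters(SAMPLE_PROFILES).items():
        print(f"cluster at {employer} ({template}): {', '.join(names)}")
```

The per-profile score reproduces the manual checklist; the cluster step is what turns a nagging suspicion about one connection request into evidence worth handing to the company's security team, which is the escalation the article describes. Treat the output as a triage aid, not a verdict: a genuine new graduate with a fresh account will trip several of these flags on their own.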
What should I do if I detect a fake profile?
If this person is already one of your connections, consider removing them.
If it is an incoming connection request, do not connect.
Consider sending a note to mutual connections who may have already connected with the profile.
Report the fake profile to LinkedIn.
While we cannot eradicate this problem, our proactive fight against fraudulent profiles can help prevent one of our colleagues or family members from becoming the next fraud statistic.
About the Counterintelligence Institute
Founded by former CIA senior intelligence officer Peter Warmka, the Counterintelligence Institute’s mission is to assist corporations, government offices, academic institutions and non-profit organizations in protecting their sensitive information and personal data records against security breach attempts. Our online and onsite training services focus on transforming the human factor from the weakest link in security into the most effective defensive tool against security threats to your company and your personal life.