SIUSTO
Life & Technology

Top LinkedIn Scams And How To Protect Yourself And Your Personal Information

0

Two professionals join LinkedIn every second.

By the end of 2018, the popular professional online network had 590 million users, with America having the highest number, and the remaining percentage of users living in 200 other countries and territories worldwide.

That’s a huge number for any business whose target audience is professionals and the B2B market.

This is probably one of the reasons why it’s users are sometimes the target of LinkedIn scams, by people who send emails that mimic those sent from LinkedIn, but are not.

The LinkedIn InMail service – another avenue scammers use – has a response rate that’s 300 percent higher than email. In fact, LinkedIn says that between 10-25 percent of InMail receives a response.

LinkedIn-InMail
via LinkedIn Business Solutions

What’s more, you can buy ‘sponsored’ InMails to target leads, banking on LinkedIn’s promise that each person will receive only one sponsored message every 45 days.

For scammers, this means their messages are very likely to get noticed by the millions of users on the platform.

Instead of spending hefty amounts on sponsored messages however, scammers devise crafty schemes that’ll get them noticed by you, without necessarily screaming ‘hacker’.

Ultimately, they steal your personal information or infect your computer or other device with malicious software.

What follows are the most common LinkedIn scams and how you can spot them so you can protect yourself, and your personal information.

Contents

Fake Invitation to Connect

Among the common LinkedIn scams is one that invites you to connect with another member, but it is fake.

The email looks as authentic as a LinkedIn email, sometimes even having the LinkedIn logo, but, the difference is in the links in the message.

You’ll find a call to action asking you to “accept” or “ignore” the invitation to connect, or click on a “visit your inbox now” link.

Once you click on any of the links therein, it brings you to a website that’s compromised and downloads malware to your device or computer.

Sometimes they’ll use InMail to contact you directly, and drop a link to a spam website or scam in your inbox.

Fake Request for Information from ‘LinkedIn Administration’

fake-linkedin-email
via 360 Total Security Blog

In 2012, Russian hackers used fake emails under the guise that they were LinkedIn Administrative team, and collected and leaked passwords from millions of users.

Here’s how it works: you get an email asking you to confirm your password and email address. Sometimes the message says that due to inactivity, your account has been blocked.

A hyperlink may be added asking you to click on it to “confirm your email address”. Once you click on it, it brings you to yet another compromised website, but this time it looks similar in branding to LinkedIn’s official site.

From there, you’ll be asked to enter your email and password, and the scammers take your information and use it for phishing activity across the web.

Fake User Profiles

fake-LinkedIn-user-profile
via Malwarebytes Labs

It is important to verify invitations from people, especially those you don’t know before connecting with them on LinkedIn.

Scammers use fake profiles to lure you into their trap, but one of the telltale signs of a fake user is their profiles have very limited job and company information.

Once you accept their invitation, their next move is sending you a message that contains a link to a scam.

How to Protect Yourself and Your Personal Information

  • Look at the sender’s email address and avoid anything that isn’t from the LinkedIn domain
  • Emails with poor language, grammar, or bad spellings are likely scams
  • Emails asking for personal information like passwords or security numbers and the like, beyond asking for an email address are spam
  • Authentic LinkedIn emails have security footers on every email, but this isn’t a guarantee that it isn’t a scam. Just avoid clicking on any links.
  • Before clicking on a link, hover over it to see it’s URL. If it isn’t linked to a LinkedIn webpage, it’s a scam
  • Log in to your LinkedIn account to confirm that the same notice is in your InMail, if you doubt the email’s validity
  • If you forget your password, LinkedIn will ask you to enter your email address only, and then you’ll receive a link to reset the password

Have you been a victim of any of these LinkedIn scams? Tell us your experience below.

 

Leave A Reply

Your email address will not be published.