For years, cybersecurity specialists have recommended that social media users share as little information as possible in order to avoid all kinds of criminal campaigns driven by data available from public sources. Although our profiles on platforms such as Facebook, Instagram or Twitter increasingly have more security locks, there are still other websites with all kinds of private information, such as LinkedIn.
LinkedIn is a more professional social media platform where connections are of great importance. Usually, users must enter personal information such as CV, work experience and some contact details, as all this information is required for the creation of connections.
Given the vast amount of personal information that necessarily circulates on LinkedIn, the presence of threat actors posing as legitimate users is worrying, especially when the work of millions of users and their aspirations for professional development is at stake.
For many experts, this kind of risk will always exist in social networks, so the only solution is to know how to identify this kind of risks and knowing the best ways to avoid falling victim to cybercriminals.
Below, specialists from the International Institute of Cyber Security (IICS) list the main variants of attack on LinkedIn, as well as some to avoid becoming victims.
Fake job offers: One way to steal credentials involves well-paying job offers published in the platform. Fake job offers could take different forms, for example, a fake recruiter will offer a remote job with a good salary, ask for a registration fee, and disappear immediately after payment.
Whenever you receive a job offer, try to do your research to make sure you’re not being scammed.
Phishing: In this case, we talk about receiving an email informing you of an attempt to hack your profile; the email will have a link to click. The link will take you to a cloned LinkedIn page where you will be asked for your login details.
Remember always ignore any unasked email, as this may be the entry point for hackers.
Finally, to prevent you from being scammed through a fake LinkedIn profile, follow these advices:
- Always check your profile before accepting connection requests
- Research job openings, the recruiter, and the company you work for
- Never share personal information online
- Any email or InMail message that asks you to click on a link or open an attachment is mostly a scam
To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching about new malware and cyber security incidents. Also he has deep level of knowledge in mobile security and mobile vulnerabilities.