LinkedIn has become one of the most popular social media networks in the world, as it has a reported 675+ million users. While it can provide a perfect forum to connect with potential employers, clients, and business associates, it can also be a haven for online scams.
For instance, a cybercriminal might send emails that are seemingly from the social network; however, it could result in a user downloading malicious software or a virus. For this reason, it is imperative to familiarize yourself with the potential risks to avoid falling victim to a cyberattack. Find out about the biggest LinkedIn scams to avoid in 2020.
LinkedIn Spear-phishing
While social media can help individuals and businesses to build a strong online presence, some vulnerabilities could pose a risk to their network and data.
For example, LinkedIn spear phishing will appear as an email from either a business or individual you know; however, it is a cybercriminal trying to steal your:
- Credit card information
- Bank account details
- Passwords
- Personal information
Many cybercriminals will dedicate time to developing targeted LinkedIn phishing emails to trick a person into revealing their sensitive information.
Fake Profiles
Unfortunately, social media is rife with fake profiles. The likes of Facebook, Twitter, and Instagram can often serve as a haven for bots and fake celebrity and influencer accounts, and they are becoming an increasingly common threat on LinkedIn.
As LinkedIn members are often encouraged to reach out to professionals to form strong relationships, the fake profiles can perform well on the platform. Plus, as many members are often eager to secure 500+ connections, it is common for them to be less than picky when building their network.
Once connected with a fake profile, you could provide a hacker with access to your email address, and they could then attempt to work out other employee emails from the brand based on the email syntax, which could lead to a LinkedIn spear-phishing attack. While it might seem like a convoluted process, cybercriminals will go to great lengths to gather information to infiltrate a network and steal sensitive data.
It is, therefore, critical to be selective when forming connections on LinkedIn, as well as other social media websites. For instance, you can review the legitimacy of a profile by:
- Performing a reverse image search on a profile photo
- Checking their company name does exist
- Reviewing their connections
- Checking their profile is complete
While the above tactics do not guarantee you will not be connecting with a fake profile, it could reduce your chances of becoming a cybercriminal’s next victim.
Employment Scams
Many hackers will use a member’s ambition and determination against them, as they could pretend to be a prospective employer or recruiter providing a high-flying job. For example, they might state you could make a substantial amount of money working from home or when employed as a mystery shopper or personal assistant.
To protect your data, you should look for common signs of an employment scam, such as:
- Poor grammar – look for grammatical errors and misspellings.
- Financial requests – never send your bank information or make a payment when completing a job application. A legitimate business would never ask you to do so.
- A compensation promise – a promise to pay a considerable lump sum in your first year or a signing-up bonus.
- A brand impersonator – a profile might mirror an established brand but might not feature a link to a website or provide an incorrect domain name or business phone number.
Caution is essential when connecting with a potential employer via LinkedIn. For peace of mind, you should confirm a brand’s identity on the likes of Google, and you must ensure a sender’s information correlates with the company, such as their phone number, social media handles, email addresses, or web domains. If they do not feature this information on their profile, it is also a red flag that they are not who they say they are.
Disguised Malware
It is essential to proceed with caution when visiting a member’s LinkedIn profile. There is currently a black market for LinkedIn profiles with a significant amount of connections. Cybercriminals might buy the established profiles and then add a malicious link, which could be disguised as a job-related URL. As a result, you could download a form of malware, which could gain access to your computer, steal your financial information, and/or send spam to your email contacts.
Again, review a profile’s photo before you click on a link, as a stock photo should be a significant warning sign. Also, avoid profiles that feature a generic summary, URL shorteners, or an extensive list of vacancies with limited information. It could prevent you from clicking on a harmful link that could infiltrate your computer and steal your data.
How to Act If You are Scammed
The most cautious of people can fall victim to a scam online, as intelligent cybercriminals will go to drastic measures to encourage you to reveal your personal data or click on a malicious link. If you suspect you have been scammed, there are various actions you can take to protect your information, network, and finances.
For example, you should immediately delete a scammer’s email from your account, and you also should report it to LinkedIn to ensure no-one else falls victim to the deceptive tactic. If you have clicked on a malicious link, run an antivirus or spyware program, and delete your cookies. Also, if you have provided a scammer with information on your bank account or your password, you should quickly notify your bank and change your password.
Conclusion
Cyber security awareness is essential when using any form of social media, including LinkedIn. While most people on the platform will have genuine intentions, there are sadly many unscrupulous cyber criminals who will try to gain access to your network, sensitive data, and finances. It is, therefore, essential to bear the above scams in mind each time you log in to the networking site.