Fake LinkedIn Profiles Are Increasing; Becoming Difficult To Identify
October 07, 2022 By Omal J
(Image Credit Google)
Even if creating phony social media profiles to deceive people is not a novel strategy, this new effort stands out from the others because of something nasty about it. According to detailed research published on the KrebsOnSecurity blog, fraudsters have been creating profile images of fictitious persons using artificial intelligence (AI) and matching that data with job descriptions stolen from
real people on LinkedIn.
Thus, by doing this, they produce fake profiles that are nearly impossible for most users to spot as such.
Various use cases
Users have seen an increasing pattern where suspect accounts try to join different invite-only LinkedIn groups. And only after receiving dozens of these requests all at once and realizing that nearly all of the profile images are identical are group owners and administrators able to identify what is happening (as in, same angle, same face size, similar smile, etc.).
Furthermore, the researchers claim they have contacted LinkedIn customer service, but the platform has not yet discovered its silver bullet. However, one strategy it's using to address this issue is asking certain businesses to give a complete list of their employees, after which it bans all accounts that claim to be working there.
Moreover, the researchers are having trouble deciphering the specific purpose of this flood of bogus professionals. In addition, they are not being able to identify who is responsible. Evidently, the majority of the accounts aren't watched over. Also, they aren't making posts or replying to messages.
According to cybersecurity company Mandiant, hackers use these accounts to attempt and get jobs at cryptocurrency companies. The reason is that the initial stage of a multi-stage attack involves siphoning off the company's assets.
On the other hand, others believe this is a part of the age-old romance scam, in which pretty pictures lure unsuspecting victims to invest in phony cryptocurrency projects and trading platforms.
Additionally, there is evidence that organizations like Lazarus utilize phony LinkedIn profiles to disseminate malware, viruses, and other malware among job seekers, particularly in the cryptocurrency sector. And finally, some people think that in the future, bots might be employed to spread false information.
How did LinkedIn respond?
In response to KrebsOnSecurity's investigation, LinkedIn stated that it was considering the idea of domain verification to solve this growing issue. In a written response, LinkedIn said: "This is an ongoing challenge and we’re constantly improving our systems to stop fakes before they come online."
"We do stop the vast majority of fraudulent activity we detect in our community – around 96% of fake accounts and around 99.1% of spam and scams. We’re also exploring new ways to protect our members such as expanding email domain verification. Our community is all about authentic people having meaningful conversations and always increasing the legitimacy and quality of our community," LinkedIn added.
By Omal J
I worked for both print and electronic media as a feature journalist. Writing, traveling, and DIY sum up her life.