A recent report from Check Point Research has uncovered a startling statistic: nearly half of all global phishing attacks involve the impersonation of LinkedIn, the business platform owned by Microsoft.
Scammers often exploit LinkedIn by targeting individuals seeking new job opportunities or career changes. While emails with subject lines like "You have 1 new invitation" or "Your profile has been viewed by 63 people" may seem legitimate, it's crucial to verify the sender's email address to confirm it's genuinely from LinkedIn. These impersonators craft emails that mimic authentic ones, directing recipients to fake LinkedIn pages designed to steal their information upon entry.
Cybercriminals also create fake profiles to message users about job opportunities. Once they've gained a victim's trust, they may request a small upfront payment to process the application—money that will never be seen again—or provide a link to a form that is actually a phishing site in disguise.
LinkedIn is aware of these issues and is actively working on advanced security features to protect its users. Here are three security measures currently in place:
- Suspicious Message Warnings - LinkedIn's technology can identify messages from individuals attempting to move conversations off the platform or those containing potentially inappropriate content, and it will alert you with a warning notification.
- Profile Verification - This feature enables you to confirm the authenticity of your page. By providing an additional form of identification, you can obtain a verification badge on your profile, assuring viewers that you are genuine. This is particularly valuable because scammers frequently target new victims and create pages that are quickly shut down, so they rarely keep their information current.
- Profile Information - This feature enables you to view detailed information about someone's profile, assisting you in deciding whether to respond to a message, accept a connection request, trust an offer, and more. To access this, go to your profile, click on "More," and then select "About this profile" from the drop-down menu. You'll find information such as:
- When the profile was created
- When the profile was last updated.
- Whether the member has verified a phone number.
- Whether the member has a work e-mail associated with their account.
- AI-Generated Profile Picture Detection - Scammers are leveraging AI to create convincing profile pictures of nonexistent individuals, which they then use to set up fraudulent profiles aimed at deceiving users. Alarmingly, research conducted by LinkedIn revealed that users typically could not tell the difference between genuine faces and these AI-generated images. In response, LinkedIn collaborated with academic institutions to develop and implement sophisticated detection tools. These features enable LinkedIn to identify and remove AI-generated profile pictures and associated fake profiles before they can cause any harm.
Do you utilize LinkedIn to search for jobs, hire employees, or attract clients? While it's an excellent business tool, maintaining security is crucial. LinkedIn's features offer initial protection, but they are only the first line of defense. If someone in your organization were to fall for a scam and click on a malicious link, would your internal security measures be sufficient to safeguard your network?
We can help you find out. We'll do a FREE consult to help you determine if your network is vulnerable to any type of attack. To book yours, call us at 914-923-0161