The fact that scammers haunt social media platforms like Facebook and Twitter is not surprising—at the heart of those platforms lies the drive to broaden one’s horizons.
Those opportunities to learn more about the world, to find out what you love, and to engage with distant followers are certainly exciting despite the risk of connecting with new people who might be more foe than friend. Such is the dynamic nature of those platforms.
However, scammers are adaptable insofar as they are willing to stalk users even on more business-oriented sites where connections carry professional gravity.
This point is evident in how fraudsters use five common types of scams in an attempt to trick LinkedIn users.
SCAM #1: ADVANCED FEE/INHERITANCE SCHEMES
We have seen these 419 scams flood our Spam folders for years, so it is only fitting that we would come across them on LinkedIn from time to time.
Jennifer Jones, a partner at Social Media Today, explains how she came across one such scam when she was contacted by “Jonathan Salisbury,” who claimed he worked for the Royal Bank of Scotland as a Senior Relationship Manager in Corporate Banking.
The scam message informed Jennifer that she had inherited millions of dollars from a deceased relative and requested that she contact “Jonathan” via email if she were interested in claiming the money.
Had they connected outside of LinkedIn, “Jonathan” would no doubt have pressed for Jennifer’s financial information under the guise of a necessary money transfer processing fee. Jennifer would then have lost thousands of dollars in the process, and there’s no way she would have received her millions.
Fortunately, Jennifer was wise to the scam from the beginning. She never contacted “Jonathan” over email and instead reported the message to LinkedIn. If you ever receive an advanced fee scam message on LinkedIn, please make sure you do the same.
SCAM #2: FAKE (PAYING) JOB OFFERS
This scheme uses the same lure as the money-based “work from home” ploy I discussed in a previous article on Twitter scams. Instead of a tweet, users receive a LinkedIn message from someone claiming to be a job recruiter.
The spammer outlines the details of a high-paying job, the duties of which can be performed from anywhere. To assuage users’ skepticism, they commonly say that the offer is 100% legitimate. But when payday comes around, there’s no paycheck to be found.
Irene, a job seeker who had been working from home for several years, explains what happened when she fell for this scam:
“The sales manager contacted me through my LinkedIn profile and the owner interviewed and hired me,” she told FlexJobs. “It was all outbound calling. I worked for them for three weeks and two days, and out of the blue got a phone call they decided to ‘go in a different direction’ and said they would send my paycheck. It never arrived.”
In some instances, the company just disappears without a word in an attempt to avoid paying employees for their work. It is, therefore, important that users exercise caution if they are offered a job over a LinkedIn message. Reputable job-search sites, such as FlexJobs and Indeed.com are a better avenue for finding real, paying work.
SCAM #3: ILLEGITIMATE CONTACT REQUESTS
Sometimes a misleading message isn’t the worst part of a LinkedIn scam. In some cases, it’s connecting with another user who you might not know.
One of the most common ruses on LinkedIn is a fake connection invite email from another member. Alison Doyle, a job searching expert with About Careers, explains that the invite usually comes with a link that invites the user to either visit their LinkedIn inbox or to automatically accept the invitation. If the user clicks on the link, they are redirected to a website that downloads malicious software such as the data-stealing ZeuS malwareonto their computer.
Users should always be careful when clicking on suspicious links in their emails. If they receive an e-mail invitation to connect with another LinkedIn member, they should log into their accounts and review their connection requests there.
SCAM #4: DATING/ROMANCE SCAMS
Though LinkedIn is meant to be a platform for professional business connections, that doesn’t deter scammers from using the prospect of romance as a lure to reel in unsuspecting users.
Alexandra Cain of The Sydney Morning Herald recalls receiving a fake romantic missive in her LinkedIn inbox a few years ago. The message read as follows:
“I was surfing through when i came across your sweet profile, i must confess you sure do have a lovely and interesting page on here, have you been lucky to meet someone special on here? Have a blessed evening, hope to hear from you soon.”
These messages are no doubt meant to entice a user into communicating with the scammer off of LinkedIn. Once the scammer obtains the user’s email, they can store it for future spam campaigns. They can also work the user further and try to convince them to visit a website that hosts malicious software.
That is not to say that romantic connections are impossible on LinkedIn. But if someone is truly interested in you, they should at least address the message to you specifically, i.e. include your name, and not send out something generic. If it is the latter, they’re probably a spammer.
SCAM #5: SPEAR-PHISHING OR “WHALING” PLOYS
In order to market themselves to potential employers and professional business connections, many LinkedIn users flesh out their profiles with details regarding where they work, the causes that they support, and the skills that they possess.
Together, these bits of data provide scammers with more than enough information to launch spear-phishing –or in the case of executives, “whaling”–attacks against entire companies.
If one of those attacks succeeds and the scammer obtains access to an employee’s credentials, they could potentially gain access to sensitive corporate information and/or compromise the PII of thousands of workers, as was the case in the recent data dump of DOJ workers’ information.
To protect your account credentials against scammers, make sure that you treat emails from people you don’t know with caution. In particular, do not click on any suspicious links or open any unknown email attachments.
CONCLUSION
Social networking sites are a useful tool for connecting with friends and colleagues. But we must remember that like on any website, scammers prowl these platforms for unsuspecting users. As you build your connections on LinkedIn, remember to keep an eye out for the scams explained above. You can also learn about additional best security practices for social networking here.
Tripwire