LinkedIn is becoming the new website hackers are using to target potential victims, according to online security firm Symantec.
According to BBC, the scammers are posing as recruiters, connecting with users which ultimate leads them to a network of emails, address books, contacts and phone numbers.
While the security firm has confirmed it is working with LinkedIn to remove hacker accounts, they have revealed that the scammers are quickly gaining trust with users before downloading malware onto their personal computers.
Speaking about the discovery, Symantec researcher Dick O’Brien said:
“LinkedIn users expect to be contacted by recruiters, so this ruse works out in the scammers’ favour.
“Most of these fake accounts have been quite successful in gaining a significant network – one had 500 contacts. Some even managed to get endorsements from others.”
The hacker accounts tended to use information copy and pasted from other professionals’ profiles, with profile pictures taken from stock image sites.
The profiles also listed skills and training qualifications such as “reservoir engineer”, “exploration manager” and “cargo securement training” to increase their visibility on LinkedIn’s search engine.
For those concerned they had connected with a hacker account, O’Brien suggested pasting the job summary into Google to see if multiple accounts were linked to the information. Other safety precautions include performing a reverse image search to track where images may otherwise be appearing online.
In response to the news, LinkedIn released a statement to the BBC citing:
“We investigate suspected violations of our Terms of Service, including the creation of false profiles, and take immediate action when violations are uncovered.
“We have a number of measures in place to confirm authenticity of profiles and remove those that are fake. We encourage members to utilise our Help Center to report inaccurate profiles and specific profile content to LinkedIn.”