esg wood building blocks net zero recycling co2 green
Doing Environmental Social Governance Right – The First Time
10 August 2022
HP laptop tablet mouse travel pouch outdoors stone
Overcoming your IT challenges with a Managed IT Service
12 August 2022
esg wood building blocks net zero recycling co2 green
Doing Environmental Social Governance Right – The First Time
10 August 2022
HP laptop tablet mouse travel pouch outdoors stone
Overcoming your IT challenges with a Managed IT Service
12 August 2022

Conversations for Change: How to be fraud savvy on social media

As a social platform, LinkedIn is the go-to for people wanting to do business. However, as with all social platforms, some profiles have more devious aims in mind - so here's how to be fraud savvy when networking on social media.

 

With more than 645 million users in 200+ countries, LinkedIn has a reputation for being THE social platform for professionals. However, the level of trust that this status creates is a double-edged sword – since most users naturally expect fellow profiles to be as legitimate as they are, they leave themselves open to being scammed.

While you continue to use LinkedIn to network with other professionals, there are three particularly dangerous types of scam profile to be on the lookout for. Once you see an account matching these behaviours, report the profile on LinkedIn and notify your IT department to prevent an attack on someone else.

In the meantime, remember: always be cautious of link redirects and attachments; whether they come through LinkedIn, emails, or otherwise.

Identity Thieves

Of course, even the simple act of connecting with a LinkedIn profile can be a potential threat to you. Accepting a connect request with a fake profile automatically gives them access to information you have listed on your profile – leaving them free to copy that information and set it up as a clone account. Armed with this account that looks identical to yours, there’s nothing stopping the scammer from fooling your other connections – leaving you to pick up the blame; with your reputation tarnished.

Another tactic could be to offer an exciting opportunity in exchange for personal details such as your email address, phone number, and even bank details – and because the offer is so enticing, people often don’t think twice.

Always look through any connection requests thoroughly before allowing them access to your information. Look out for key signs like a low number of connections, or bad spelling – but to be safe, simply do not connect with anyone you don’t recognise.

Spear Phishers

Thanks to the amount of information that is available on your LinkedIn profile – organisation, location, job function, certifications, position - phishers have everything they require to craft their attacks to be more personal to their targets; thus, making them more likely to be believable at a first glance. This is known as spear phishing,

One of the most common spear phishing tactics is the use of a fake profile, set up to look like an employee of your organisation - and from there, they will seek to connect with you and as many of your colleagues as possible in order to increase their legitimacy. They will then seek to build trust through LinkedIn interactions, with the eventual aim being to send you a malicious link or attachment when your guard is down.

Phishing has been covered in more detail here.

Now, LinkedIn spear phishers can usually be revealed by simply asking around your organisation - a HR colleague would be a good first port of call. However, another quick way to check is to use the Address Book feature on email systems such as Microsoft Outlook; which allows you to find legitimate accounts within your business. If your new prospective connection isn’t there, there’s a good chance they aren’t who they say they are.

Phony LinkedIn Support

Another common scammer method is to set up a proxy address – which will look very similar to a LinkedIn tech support email. This email will usually claim that your LinkedIn account has issues; such as unusual activity, a failed payment, or it being hacked – and because these things usually invite a quick response, a lot of people don’t stop and think before clicking the link.

Once clicked, the link - which looks as though it will redirect you to your LinkedIn account – allows scammers to input software into your computer’s flash memory. This can range from a Trojan, which is able to monitor your keystrokes in order to record passwords – or, even worse, ransomware; which can encrypt parts of your computer system to stop you from accessing them until a ransom is paid.

If you are to ever receive one of these emails, do not click the link – instead, forward it to phishing@linkedin.com, and open LinkedIn through your browser normally. Invariably, there was nothing wrong with your account at all, and you have nothing to worry about.

 

Now, use of any social media platform comes with risk – and while LinkedIn is no exception, the aim of this article is simply to raise awareness of possible dangers. Armed with this knowledge, you will now be able to spot and sidestep scams more easily, whilst still continuing to use LinkedIn to network with other professionals as before.

For more news and insights from Apogee, follow us on LinkedIn.

 

Conversations for Change by Apogee Corporation

Our goal is not only to educate you but to drive what Apogee Corporation can do. While at Apogee we aspire to always do more, we know that this is a continual learning experience, come with us on this journey as we delve into these subjects which are close to the hearts of so many.

You can follow the conversation on our website and engage with us on our social media by using #ConversationsForChange.

Latest insights

26 September 2023

Apogee Corporation returns to participate in The Great British Beach Clean, removing 49kg of litter from Britain’s beaches

In partnership with the Marine Conservation Society, Apogee volunteers have once again helped to keep the UK’s beaches clean in Kent and Lincolnshire.

Keep up to date with all the latest in Managed Print services.