Like any war, the details fo the arms race reveal a lot about the sensibilities of the battlefield. For scammers, the truest victory is the one that remains unnoticed. They don’t plant flags, they just take the territory and use it to take the next plot of land.
Even wary people drop their guard when it comes to commerce. The Medieval period is rife with tales of armies posing as merchants. The rash of LinkedIn phishing scams is only the latest iteration of this ignoble trend.
Data breaches happen all the time. Right now, more than ever, the world is weary which means you need to be wary of threats posing as assistance.
Knowing the common tactics helps you ruin these expeditions and keeps your employees and your business safe.
LinkedIn Phishing Tactics
Like other social media platforms, LinkedIn is a popular target because it features numerous daily users. With a reported 675 million members to the site, it takes no stretch to see why phishers would use it to ply their trade.
Also like other social media, it gives phishers an automatic foot in the door to contact you and spread malware or pick up data.
Unlike Facebook, where those most prone to accept random invites are also the least prone to click on a link or a provided article, LinkedIn users trend toward the professional.
The purpose of the site is to make contacts that enhance a user’s profile and help them to gain or improve their employment.
In this atmosphere, it’s easy for users to get into a habit of opening every message and request they receive.
These messages may even be sent by contacts that the user knows. Hijacked accounts are frequently used by scammers over fake LinkedIn profiles.
These add credibility and trust. It’s almost ironic that in doing so, phishers basically use the platform to expand their own business interests.
The second most popular LinkedIn scam utilizes fake job offers. A scammer sends a message built out of details of the hopeful job seeker’s profile and offers them a too good to be true position. They just need some information to get that started.
Scammers don’t have to pose as people in the trenches when they can pose as officers.
Acting as an agent of LinkedIn, these phishers ask for users to follow links and open files to improve results, answer surveys, or to keep their membership.
Just as in other attempts, these might come from hijacked LinkedIn emails or bogus, easier to spot fakes.
Hijacked professional contacts and fraud accounts alike attempt to gather information by sending out shared documents. These are made to look like career-building documents or project shares.
When these documents are opened, trouble starts almost immediately. In a flash, the computer gets to work handing out your information or redirecting the user to illegitimate sites.
Establishing policies for how you and your employees use social media is important. Review these policies often and make use of secondary verification. Stop LinkedIn phishing by staying up to date on the scams going around.
Information security is a product of vigilance. Bring along some back up by contacting us about our service.