The Fake Job Offer Scam on LinkedIn

Posted by Trevagh Stankard on Thu, Mar 4th, 2021

LinkedIn users have been targeted with fake job offers, as part of a social engineering scam.

LinkedIn is the success story of social media for business users. The platform has been around since 2003 and has over 740 million users across 200 countries. Unlike its consumer equivalents such as Facebook and Twitter, LinkedIn focuses on business networking, providing a way for industry folk to connect. Many use the platform to expand their professional network and use LinkedIn to keep up to date with industry news. It is also a popular platform for job searching. Like all social media, LinkedIn has its fair share of scams. With almost half of LinkedIn users having salaries of over $75,000, the platform is an attractive proposition for fraudsters.

One of the scams that comes up regularly on LinkedIn is the fake job offer scam.

 

 

How Does the Linkedin Fake Jobs Scam Work?

One of the useful features of LinkedIn is that recruiters and companies can reach out to LinkedIn users to make job offers. You can even set your profile as “open to finding a new job” which places you into a pool of users actively seeking work. And this system works; 122 million users received a job interview via LinkedIn. This is all great, but it also means that you can become a target for scammers.

The fake job offer scam on LinkedIn typically involves the scammer creating a fake or synthetic profile used to represent themselves as a recruitment agent or a senior person in a company. Once an account is created the scammer can then attempt to ‘recruit’ people to fake jobs and other scams.

Fake accounts can be set up on LinkedIn easily. All you need is an email address; to check this out, I used a private, @protonmail account, and was able to set up a Pseudonymous LinkedIn account in seconds.

Scammers will usually attempt to populate a fake account with connections to give it legitimacy. If they can even trick a single user into linking to them, this can create a snowball effect with connections of connections then linking in. With each new connection, the fake account looks more real and increases the level of trust. Once trust is established, the scammer has a greater chance of successfully tricking a target LinkedIn user into believing a job offer is real.

What Happens If You Fall Foul Of A Linkedin Job Offer Scam?

Scammers may attempt to build up a rapport with the target by sending friendly LinkedIn messages. This helps establish a relationship and build the all-important trust to ensure the next steps work. Once a LinkedIn user takes the fraudster’s fake job bait, typically the scammer’s next step is to use phishing methods to steal data. In many LinkedIn job offer scams, the victim will receive a PDF document with the job description. This document will either be infected with malware that will execute on opening, but more typically the PDF will contain a link. This latter technique is often used to evade antivirus software. If the recipient clicks on the link, they are likely to be taken to a website set up by the fraudster to collect bank account details for payroll functions.

Things To Look Out For When Receiving A Linkedin Invite

Security awareness is not just for phishing emails. Understanding the tricks of the LinkedIn scam can help avoid becoming a victim. Here are some of the tell-tale signs to help spot a fake LinkedIn user:

The connections: Check out the account holder’s connections and shared connections. Scammers generally have few connections. If they say they represent a certain company, do they have connections in that company?

The company: Sometimes scammers go as far as to create a fake company. Do some digging and see if the company exists.

Other details:

Names: Often scammers use common names, like John or Jane to try and avoid any alarm bells. This, along with other warning signs, might be enough to ring the scammer bells.

Profile photo: Also, the profile picture might be a giveaway. Scammers are known to do online searches to find photos of real people to use in their profile picture. If you do a Google reverse image search you can see if the photo matches the name. You can do this using Chrome, by right clicking on the profile picture and choosing “search Google for image”.

Endorsements: Even scammers can be endorsed, but usually the endorser is also a scammer. If you are suspicious, check out the details of those who have endorsed the suspicious account holder in the same way you check out the scammer.

Profile information: Check out various aspects of the profile. Does the profile contain a lot of spelling mistakes, does their work history and education fits their persona?

LinkedIn is used for many types of scams. If the fraudster can use LinkedIn to create an account that looks legitimate, they can create trusted relationships with LinkedIn users. Once trust is established, the next steps involve phishing and other methods to extract data and money from targets.

Phishing is increasingly sophisticated, and even security aware individuals can be caught out. The use of web content and DNS filter protection can stop employees’ visiting a malicious website. Also, smart DNS filtering tools allow IT teams to block malware downloads, monitor internet activity, and carefully control the types of websites remote users can access on corporate devices.

If you believe you may have been involved in an attempted scam you can report the scam details to LinkedIn.

Protect your employees and your organization from scams such as the LinkedIn job offer scam with WebTitan. WebTitan is a multi-award-winning web content & DNS filter solution. Try WebTitan out today, start a 14-day free trial.

For additional protection, check out SpamTitan which is a leading Barracuda Essentials alternative for email protection.