Busy in job hunting? Be very careful about this ‘Fake Companies’ phenomenon that cybercriminals have launched on LinkedIn.
An analysis on the KrebsOnSecurity blog has said that these threat actors are using artificial intelligence (AI) and creating bogus profiles and stealing job descriptions from the original accounts.
The tech website recently examined a series of such profiles, with all of them claiming to be Chief Information Security Officer (CISO) roles at various Fortune 500 companies, including Biogen, Chevron, ExxonMobil and Hewlett Packard. It also double-verified the statements from LinkedIn users and readers who confirmed the presence of these bogus accounts. Even invite-only LinkedIn groups are getting attacked by these scammers.
While the job searching portal has been reached out on this matter by experts and researchers, no solution has been found so far. The United States-based firm is asking the affected companies to submit the full employee list for verifying the staffer details and banning the bogus accounts on its platform.
As per Cybersecurity firm Mandiant, cybercriminals are using these accounts to get into cryptocurrency firms, before drying up the target companies’ funds. Some experts have even touted this as some sort of romance scam, where victims are lured into fake crypto platforms.
There has been evidence of threat actors using fake LinkedIn accounts to spread malware and viruses, with a specific focus on the crypto sector.
Responding to the KrebsOnSecurity report, LinkedIn said it is mulling the idea of domain verification against this menace.