LinkedIn is unfortunately not immune to scams! Fake job postings are invading the professional social network, with scammers going so far as to develop fake recruitment processes using AI.


Social networks are popular with hackers and other bots – automated computer programs that simulate the behavior of a human person – and LinkedIn is no exception. However, the platform has so far managed to keep a serious and reliable image – a false sense of security that is perfect for getting users to let their guard down. In the professional world, LinkedIn is an essential tool for keeping in touch with colleagues and clients, finding a new job, gaining visibility and keeping up to date with news in your sector of activity. However, despite its apparent safety, scams abound there, especially in these times of crisis.

According to the Financial Times, scammers are taking advantage of the popularization of telework and massive job cuts in the tech sector – even giants like Meta, Google, Dell, Disney+ or Amazon are no exception – to pose as recruiters, and thus obtain the personal and banking information of job seekers present on the professional social network. Last month, cybersecurity firm Zscaler revealed an extensive scam scheme targeting a dozen US tech companies – including Zscaler itself, software developer Intellectsoft and software company Zuora. Cybercriminals go through job sites such as Indeed, but also through the messaging system integrated into LinkedIn (InMail), and do not hesitate to go to great lengths to deceive their victims.

LinkedIn scams: a trend that benefits from the crisis in the tech sector

The scammers constantly redouble their ingenuity to achieve their ends. Some have not hesitated to create “look-alike” websites with job offers similar to those of these companies, or even to set up real – fake – recruitment processes. The enticing fake job postings contain the real information of the spoofed company – information that can be found on business register sites. Scammers do not hesitate to approach job seekers directly via LinkedIn messaging – especially since it is possible to put a sticker on your profile picture signifying that you are actively looking for a job, which makes it easier to identify victims – and to conduct fake interviews remotely, in particular via Skype. They know the sector and the needs of the market perfectly, and some of them even create profiles with the photo of the real recruiter of the company they are impersonating. Before validating the hiring, the “company” obviously needs personal data, such as a photocopy of the identity card, the social security number and bank details, to prepare the file for the future recruit, and even asks for money for hardware or third-party training!

These scams are worrying because they are more and more numerous. According to the Financial Times, the sums stolen in this type of scam increased from $209 million for 105,000 scams in 2021, to $367.4 million for 92,000 scams in 2022 in the United States. A trend that can be explained by the development of telework, which allows fraudsters to carry out fake recruitments by video, without going through a physical interview, and the crisis in the tech sector, which allows them to attack desperate or over-enthusiastic people, who can then suspend their disbelief. Moreover, these scams are facilitated by the development of artificial intelligence, with deepfakes – an overlay of photos carried out by an AI – and texts generated by tools like ChatGPT – which has been freely accessible to the general public since November 2022 and has been a real hit.

Deepfakes on LinkedIn: fake accounts generated using artificial intelligence

But that’s not the only problem on LinkedIn. It often happens that people with bad intentions create many fake profiles using artificial intelligence and copy the blurbs of other accounts – real ones this time – or ask ChatGPT to write one for them. The perfect combination to appear larger than life, and which turns out to be rather problematic for many HR managers and group administrators – who must validate a profile before accepting it.

The website KrebsOnSecurity has already conducted several investigations in 2022 into the proliferation of fake profiles on LinkedIn. Hamish Taylor, the administrator of a group with nearly 300,000 members, claimed he alone blocked nearly 13,000 fake accounts in 2022, some of which were “cynical attempts to exploit humanitarian aid and crisis aid experts”, as so-called experts, in disaster recovery, following recent hurricanes. “Swarms” that have been multiplying since January 2022. Mark Miller, the administrator of the DevOps IT group, noticed that the fake profiles try to register in the different groups in successive waves: “When a bot tries to infiltrate the group, it does so in waves. We see 20-30 requests coming in with the same type of information in the profiles.”

Group administrators are not the only ones to suffer from these fake accounts; companies do too! Some have had the unpleasant surprise of discovering several fairly similar profiles claiming to work for them, when they are not even real people. Tests have been carried out on their photos, and reveal that they look like other photos published on the Internet, but never exactly match them. It is therefore very likely that they are deepfakes. Several readers have pointed to a likely source: the website thispersondoesnotexist.com, which uses AI to create unique portraits in the blink of an eye.

Deepfakes on LinkedIn: motivations still unclear

Fake accounts can have a wide variety of – but equally dishonest – uses. Fake job offers to steal information, recruitment scams, classic phishing… But some are more imaginative. Thus, fake profiles can sometimes be linked to so-called “pig butchering” scams, in which hackers convince their victims to invest in cryptocurrency exchanges, and end up seizing all the funds when cashing out. More surprisingly, cybersecurity company Mandiant – which was acquired by Google – told Bloomberg that hackers working for the North Korean government had copied resumes and profiles on major job posting platforms LinkedIn and Indeed, in order to get jobs at cryptocurrency companies.

However, the bots spotted by KrebsOnSecurity are a different case, and their motives remain unclear. Indeed, they don’t seem to pull off any scams, even when given an opening. They don’t respond to messages or post anything. Rather, fake accounts appear to be created and immediately abandoned. Hamish Taylor finds this rather worrying: “it looks like someone is setting up this massive botnet to repeat and amplify a propaganda message through mass publication at the appropriate time.” Anyway, fake profiles are a real scourge, and we hope that LinkedIn will react accordingly. Bloomberg also notes that the platform has so far managed to avoid scandals in this regard, unlike Facebook and Twitter. But things could change…
