How is LinkedIn countering fake profiles?
Threat actors have been aggressively abusing LinkedIn over the past several years to contact targets in order to spread malware, engage in cyberespionage, steal passwords, or commit financial fraud. In order to combat fraudulent accounts and harmful use of the network, LinkedIn has launched three new features, including a new way to verify the authenticity of a profile by indicating if it has a confirmed work email or phone number.
The Lazarus North Korean hacking squad has often shown how they exploit this practice by approaching people on LinkedIn and making false employment offers. However, these phoney job offers result in the installation of malware that gives threat actors access to a target’s device and potentially corporate network, as well as the ability to hack into millions of dollars worth of cryptocurrency.
What measures has LinkedIn taken to counter this?
LinkedIn revealed recently that it has started to show more details about accounts to confirm their validity, actively utilise AI to look for fakes, and alert users when they get questionable communications. A new “About this profile” section that informs users of details like the date the individual established their profile if they confirmed their phone number, and whether they connected a work email is the first stage in LinkedIn’s fight against fraudulent accounts.
It would take an unreasonable amount of time for a cybercriminal to operate and maintain a phoney account with a plausible creation date if they wanted to approach a target on LinkedIn.
Additionally, it would be difficult for threat actors to confirm the legitimacy of their accounts without access to a business email from the impersonated corporation. The second phase involves employing AI to identify accounts that are clearly engaging in fraudulent behaviour by using AI-generated profile photographs to create the appearance of authenticity. Last but not least, when a conversation member suggests moving interactions outside of the platform, LinkedIn now issues cautions.
In the majority of these incidents, the victims are persuaded to download an instant messaging clone, which instals spyware along with a modified version of a communication programme. The effectiveness of these safety features in preventing criminal actors from misusing LinkedIn will only become clear with time.