Social networking for grown-ups site LinkedIn recently announced a crackdown on fake profiles. The site which has more than 600 million users around the world has been plagued by the fakes which are often used to send spam messages or phish for information.
LinkedIn has taken action on over 21 million fake profiles in the first six months of this year alone and has changed its registration process to make it harder for fakes to be created in the first place. But LinkedIn isn’t the only site that suffers from the plague of fake profiles, they are a problem for other social media platforms too.
As a user, what can you do to spot a fake profile and make sure you avoid interacting with it and potentially giving away sensitive information? Here are some tips to help you stay safe.
Anatomy of a fake
Fake profiles are often pieced together from information gathered from the web. The photo used can be a clue, studio-quality images of model-like individuals can be a warning sign. Alternatively, pictures may be stolen from other profiles. If you are unsure you can try a reverse image search on Google or use TinEye [1] to see if the image has been used elsewhere.
Fake profiles are often lacking information about the person. Real profiles typically include a mix of information including previous jobs, hobbies and so forth. Fakes tend to have a limited amount of generic information. Job titles are a clue too; if someone describes themselves as simply ‘manager’ or ‘director’ it should ring alarm bells.
You should look out for presentation issues. LinkedIn, in particular, is a professional network, so poor spelling and grammar should be a warning sign. It’s also useful to look at the connections a profile has. Fakes may have a large number of connections and perhaps belong to a couple of groups, but genuine profiles tend to have a broad mix of connections accrued over a long period. If in doubt check LinkedIn’s mutual friends feature to see connections to other people you know.
Social media is a two-way street, so you should be suspicious of profiles that don’t interact with other members of the community or have few if any posts. On sites such as Twitter, fakes will often be following lots of other accounts but with hardly anyone following them back.
Bill who?
Scammers will often use real names. If you get a request from Bill Gates or Lord Sugar chances are you’ll know it’s not the real thing. Smarter hackers might use the names of lesser-known actors along with their accompanying images.
Job titles can be another clue to a fake. We’ve seen already that putting simply ‘manager’ might be suspicious. Harder to spot are those that claim to work for recruitment agencies – as these are precisely the type of people that might contact you out of the blue. Again look at the rest of their profile or Google the name and current employer to see if they are listed elsewhere.
While recruiters do use LinkedIn, you should always be wary of job offers that seem too good to be true. Scams often begin with a message asking you to apply for a job. [2] This might turn out to be a phishing scam, getting you to upload your details on a fake site. Alternatively, it could be a way of trying to get you to pay for upfront ‘training’ expenses before taking the non-existent job.
Be wary too of anyone describing themselves as a LION (LinkedIn Open Networker) these are people who accept all LinkedIn connection requests in a quantity over quality approach. [3]
Some fakes are relatively easy to spot, but the scammers are getting more sophisticated. It pays to be wary and treat connection requests from people you don’t know with suspicion.
Does your business allow employees to use Social Media on work devices? If so, what security measures and policies do you have in place? At Cloudworks, we can advise and implement policies that secure your workplace devices and ensure company data isn’t compromised.
We are specialists in cloud technologies and securing your data. In addition, we continuously monitor our clients IT cloud infrastructure to ensure they are secure and protected against the latest threats. Give us a call to find out more and we will find the best strategy and IT Support solutions to fit your business.
Call us on 0115 824 8244 or email info@cloudworks.co.uk
[1] https://www.tineye.com/
[2] https://www.bbb.org/article/scams/13021-scam-alert-scammers-use-bogus-connection-requests-on-linkedin
[3] https://topdogsocialmedia.com/why-i-dont-connect-with-lions-on-linkedin/