LinkedIn, the world’s largest professional network, boasts over 1 billion members worldwide. With 61 million job seekers weekly, it’s become one of cybercriminals' favorite playgrounds. According to the LinkedIn Community Report, scams have skyrocketed since the coronavirus pandemic popularized remote work and online job interviews. The number of fake LinkedIn profiles detected by the platform in the first half of 2023 was over 2.5 times higher than in 2019. At the same time, the number of LinkedIn-related scams and spam went from 60.5 million in 2019 to 105.2 million in 2023.
Job scams on LinkedIn are not just a threat to the unsuspecting professional; they have a significant impact on business too. NordLayer conducted research on LinkedIn scams encountered by business representatives and the effects they had on affected companies. The report shows over half of the professionals encountered a scam attempt or fake account on LinkedIn. The outcomes vary from reputational damage to infrastructural harm.
Since you already know that LinkedIn scams are a serious business, let’s find out how to spot and avoid them.
Types of LinkedIn Scams
Unlike other popular social media platforms, LinkedIn is filled almost exclusively with professionals. Thus, the cyberthreats you can stumble upon are often distinct from the ones waiting for you on Facebook or any other social network.
Let’s get to know them.
Fake Job Offers
The recruitment process is possibly the only situation where we willingly give away our personal details. After all, our job search is usually driven by the necessity or hope of finally finding that promising, well-paid job. And then – as the cybercrime story often goes – we find out the offer was, in fact, too good to be true.
Scammers may pose as representatives of legitimate, well-known companies. They might also set up LinkedIn pages of non-existing businesses or offer attractive after-hours gigs.
Before applying for a job on LinkedIn, double-check the profiles of the recruiter and the company he’s representing. Discrepancies and spelling mistakes should raise your doubts. As well as asking for unnecessary sensitive details like Social Security Number or banking information.
On LinkedIn, phishing involves cybercriminals trying to lure you into taking the bait, which usually means clicking virus-containing links, downloading malware or ransomware, and giving away your sensitive information.
Phishing messages are always disguised as coming from legitimate sources. On LinkedIn, hackers may impersonate a recruiter sending you the link to the dream job offer or directing you to the company website, which - you’ve guessed it - is a total scam.
Hackers, also, often pretend to represent LinkedIn itself, counting on people being used to getting messages from the platform. The platform urges users to report phishing attempts and assures several domains that may have raised doubts in the past, such as [email protected], [email protected], and [email protected] are legitimate.
The best way to protect yourself from LinkedIn phishing is to develop a habit of checking email addresses and senders’ identities and never mindlessly clicking on any links or attachments.
Cryptocurrency and Investment Scams
Who among us doesn’t dream of making a fortune overnight, investing in the next big thing, or breaking the bank with cryptocurrency? We all do, and cyber crooks know it. They are also aware they target professionals; that’s why scams on LinkedIn are often sophisticated and aimed at building trust first. Unlike scam investment emails filling our spam folders, cyber crooks may direct you to a real investment website first and give you reasonable financial advice for months before asking you to move your funds to their fraud account.
Cryptocurrency scams are a worldwide threat: The number of such scams tripled in the first half of 2022, compared to the same period in 2021.
The promise of unprecedentedly huge returns in a short amount of time should always raise your doubts. Especially if the investment requires using an unknown crypto-exchange platform or cryptocurrency-only payment.
Romance is not the first thing that comes to mind when you think about LinkedIn. However, it’s not uncommon to meet your significant other at work, and LinkedIn is a work-oriented networking platform. So what’s so wrong about trying to make the connection with someone who piqued your curiosity? Well, the answer should be apparent at this point: You have no guarantee that the profile you’re chatting with is a real human. Especially if no common connections are backing up the profile’s identity. If you’re interested in how scammers seduce LinkedIn members, read about the security expert Roger Grimes's experience.
To stay on the safe side, stick to dating apps when looking for romance. The same applies to friendships: Don’t accept connection requests from people you don’t know personally or have no connections with. If someone claims to be a “good friend of a friend,” call the mentioned person to confirm the story; and never ever act upon urgent requests for money or other forms of support, especially if they come from people you’ve never met.
Technical Support Scams
Scammers exploit our vulnerabilities and needs, including the need for safety. In Technical Support Scams, cybercrooks may inform you about some serious issues with your LinkedIn profile (your account may even be hacked!) and urge you to act fast, click malicious links, or contact a non-existent call center.
If you wish to stay on the safe side — remember — LinkedIn uses various domains that may look suspicious e.g. [email protected] or [email protected]; however, the platform does not offer a phone number for customer service or — in any case — ask for your password or computer access.
LinkedIn is a natural habitat for both: recruiters and B2B marketers. It’s also a place where lead generation scams flourish, aimed at either gathering sensitive information to further exploit or sell marketers low-quality, often fake leads.
Filling out seemingly harmless forms or surveys may give scammers material for social engineering or phishing. Lead generation scams usually leverage fake LinkedIn profiles and contain “too good to be true” offers.
To save yourself from LinkedIn fraud, treat messages you get with a healthy dose of skepticism and distrust. Scan the sender’s profile: If it looks like it’s just been created, has few connections, and gives an altogether sloppy impression, there’s a chance it’s not real.
How To Protect Yourself From LinkedIn Scams
The rising number of scams on LinkedIn is not a reason to abandon the dreams of a new job or a successful lead campaign. However, it should be a wake-up call, forcing us to learn and apply effective strategies to prevent LinkedIn fraud.
Common Signs of a LinkedIn Scam
Beautiful people with no connections
Stunning picture and zero (or almost zero) connections: These two factors usually indicate that the profile is fake. Posing as somebody else is against the platform regulations and usually means something’s off.
Too good to be true offers
Great job with a breathtaking salary, the prospect of quick but significant profit, and leads that come in at an uncommonly low price. Remember, if an offer feels too good to be true, it usually is. And it will get you in trouble.
Poorly written messages
Though LinkedIn fraud tends to be more polished, sloppiness is still something that gives many cybercrooks away. Scam messages often contain poor spelling and grammar - mistakes that no professional would allow themself.
LinkedIn job scams are usually disguised as offers from legitimate companies. Always cross-check the information provided in the job description or business proposition with the official company websites or other reliable sources.
Asking for your sensitive information like bank details or passwords is a sign of a LinkedIn job scam rather than a legitimate career prospect.
Scammers want you to act first and think second. Do otherwise: Double-check the person contacting you and the website of the company they claim to represent.
How to Spot Fake LinkedIn Profiles
In the LinkedIn landscape, there are profiles out there that scream: “fake!”. However, some scammers – especially on LinkedIn, a professional network – do their homework, making our job of revealing their true intentions much harder. Harder, but not impossible.
Check the main characteristics of a fake LinkedIn profile:
No professional relations to you or somebody you know: Be cautious of strangers approaching you without clear intent. Especially if they quickly connect with many people or have no followers and a few connections.
Fake or lacking photo: Scammers often use photos of attractive people to lure you into accepting their invites. Pictures can be AI-generated or simply stolen, often showing real social media influencers or actors. When in doubt, upload the photo to Google or Bing image search and see what comes up.
Sloppy profile: If you ever looked for a job on LinkedIn, you know that a profile with poor spelling and professional description won’t get you hired. Yet, cybercrooks can be lazy – many fake LinkedIn profiles are sloppy. Fake accounts may also contain discrepancies in work history, like achievements too great for a person of such a young age.
Safeguarding Personal Data on LinkedIn
Guarding personal data on LinkedIn is critical if you wish to prevent breaches that could compromise both: your and your company’s security. That’s why a strong, unique LinkedIn password kept in an encrypted vault should be your first line of defese. You should also stick to the basic security practices when applying for jobs or engaging in conversations.
Luckily, there are tools like NordPass that make business cybersecurity effortless. This advanced password manager is easy to set up and use. It comes with handy features, allowing you to create the Password Policy for administrative-level employees or have full transparency over logins to company accounts (Activity Log).
But to understand what a game changer NordPass can be in your company, don’t just take our word for it — give it a go yourself with the free trial.