This is an update to the article about identifying LinkedIn scammers when they request a connection. In that article we listed six ways to identify fake accounts:
1. Look at that URL. If it indicates that this is a new account (anything over 300 million right now) be very suspicious. Other than your kids, do you know anyone professionally who has not had a LinkedIn account for at least a couple of years (less than 100 million)?
2. The name does not include capitalized initial letters. I suspect that scammers have written scripts to generate these accounts and it is simpler not to capitalize.
3. They have fewer than ten connections. Why would someone from Ghana pick me out of 300 million people to connect to on practically the first day he gets on LinkedIn? I am often the first person they reach out to. Conversely, if someone has 500+ connections that is a very good sign they are a real person.
4. Picture is of a really good-looking person. We all know how honey traps work. Don’t fall for a pretty face (or more).
5. Profile is incomplete. Look for a complete work history, education, and the number of people who have provided those “endorsements.”
6. No recommendations. Recommendations from real people are the best indicator of a real person. Obviously, a sophisticated attack from a determined assailant would go to the trouble of creating fake recommendations. I have not seen that yet.
Within a week of posting these tips I started to see much more sophisticated attempts to connect with me.
Profiles are complete now. Work histories extend all the way back to college. Descriptions of work experience may even be lengthy, just like a real account.
The endorsement section is populated, although not in a realistic way.
The name, title, organization, and picture of the person are real.
They have 500+ connections.
On further investigation it is evident that the groups behind these fake accounts have created so many that they can connect to each other to get to that 500+ number in just a couple of days. They also cross-endorse each other.
One account that requested a connection early this week was of the “Chief of Staff United Nations Office for South-South Cooperation at United Nations” and its URL indicated that it had been created in the last few days (LinkedIn serial ID number: 361539268). The account already has 500+ connections and four of them are people I know.
A Google search of the person revealed that he was a real person and that he had a real LinkedIn account (and two fake accounts). I reached out via the email address posted on his United Nations bio page and he confirmed that the newer account was not him.
I have well over 4,000 connections on LinkedIn. I vetted them all using the techniques above, but not well enough to be sure a few very targeted attempts did not sneak through.
For now, the following new steps should be added to the above list:
1. Still look at the URL. Anything over 361 million indicates a very recent account.
2. Under the Skills and Endorsement section look for thinly populated endorsements like this:
3. Google search the person’s name and organization. An image search can help too.
As these scams proliferate it may get to the point where you can only accept invitations from people you really know and only after an out-of-band confirmation that the request is real.
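The checks above can be combined into a small triage routine. This is an added example, not code from the original article: the `Profile` record, its field names, the signal labels and the 50% endorser threshold are all assumptions, and the sample profiles are constructed (only the serial ID 361539268 comes from the article). It treats 500+ connections on a very recent account as a warning sign rather than reassurance, which is the main change from the original six tips.

```python
from dataclasses import dataclass, field

RECENT_ID = 361_000_000  # article: anything over 361 million is a very recent account

@dataclass
class Profile:  # hypothetical record, filled in by hand while reviewing a request
    serial_id: int                 # serial ID taken from the profile URL
    name: str
    connections: int               # use 500 for "500+"
    recommendations: int
    endorser_ids: list = field(default_factory=list)  # serial IDs of endorsers
    name_on_older_account: bool = False               # found by a web search

def signals(p: Profile) -> list:
    """Return the warning signs from the article that apply to this profile."""
    found = []
    recent = p.serial_id > RECENT_ID
    if recent:
        found.append("recent-id")
    if any(word[:1].islower() for word in p.name.split()):
        found.append("uncapitalized-name")
    if p.connections < 10:
        found.append("few-connections")
    if recent and p.connections >= 500:
        # Days-old account that already shows 500+: fakes connecting to each other.
        found.append("recent-id-with-500+")
    if p.recommendations == 0:
        found.append("no-recommendations")
    if p.endorser_ids:
        share = sum(i > RECENT_ID for i in p.endorser_ids) / len(p.endorser_ids)
        if share >= 0.5:  # assumed threshold for cross-endorsing new accounts
            found.append("endorsers-mostly-recent")
    if p.name_on_older_account:
        found.append("duplicate-identity")
    return found

STRONG = {"recent-id-with-500+", "endorsers-mostly-recent", "duplicate-identity"}

def needs_out_of_band_check(p: Profile) -> bool:
    """True when the request should be confirmed outside LinkedIn first."""
    s = set(signals(p))
    return bool(s & STRONG) or len(s) >= 2

# Constructed sample profiles.
CLONE = Profile(361539268, "Example Person", 500, 0,
                [361500001, 361500002, 90000000], True)
COLLEAGUE = Profile(45000000, "Example Colleague", 500, 3, [30000000, 52000000])
SCRIPTED = Profile(362000001, "john doe", 4, 0)
```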
Existential Threat to LinkedIn
Every social media platform has to battle against scammers and spammers. They ultimately build in just enough friction against creating fake accounts to make it manageable but not enough to eliminate the problem. That leaves it to us, the users, to become experts in identifying fake accounts.
On Twitter it seems like half the accounts are bots and fakes and the danger is minimal. All a spam account can do is send you DMs with links to malicious URLs. And no one falls for that, right?
But LinkedIn is a valuable professional tool used by millions to conduct business, make important connections, and build reputations. The creation of fake accounts with the same names and titles, even profile pictures, of existing accounts is a dangerous development. LinkedIn has to get better at detecting this activity.
LinkedIn has to do a better job of protecting its real users, or I contend that its growth and value will flatline.