Protecting Yourself from Fraud on Social Media: Steps to Consider!

Last Friday, June 17^th, CNBC published a news article exposing a trend that has been recently emerging with even more strength in social platforms such as LinkedIn: that of fraudsters reaching out to other users and luring them into cryptocurrency investment schemes.

Social engineering is the term used when referring to any malicious activity that is conducted through human interactions, including psychological manipulation to make others dismisssecurity measures to either cause harm in the sense of sabotage or theft. Some of the most common attacks include phishing, physical breaches, or DNS Spoofing.

Through the years, attackers have become much more sophisticated with the tactics used to take advantage of their victims, and therise of social networks such as LinkedIn have become a powerful platform for them to step up their malicious activities.

According to Sean Ragan, FBI’s special agent in charge of the field offices in California, this new attack scheme works the following way: the attacker creates a fake LinkedIn profile in which they portray the image of a legitimate professional and start reaching out to other users in the platform though LinkedIn messages. After gaining their trust over the next few days or even months, they offer to help the contacted user make some money by claiming to invest their funds in crypto currencies. Since LinkedIn is a well-known platform used to make networking and access business opportunities, users easily fall for the attacker’s invitation.

LinkedIn’s take on the matter has been to enforce their policies on fraudulent activity, claiming they “work every day to keep our members safe, and this includes investing in automated and manual defenses to detect and address fake accounts, false information, and suspected fraud.” Still, it is the victim’s responsibility to identify if such scheme is fraudulent and report it to both the company and local authorities (which in most cases is nearly impossible to tell if an account is fake or not).

Knowing that these sort of social engineering activities are rising in social media platforms is important, but knowing how to protect yourself from them is even more crucial.

The following are some relevant tips that might be helpful when validating the profile of other users you might be engaging with, to avoid these types of attacks:

1. Look for shared connections. The more connections they have to people in common, the more reliable this person might be. If in doubt, ask people you have in common about who this person might be.

2. Revise the user’s education and job experience. Users who indicate on LinkedIn an association with an official organization are most likely to be asked to verify the validity of such connection.

3. Check if the user has endorsements from other users.

4. Review the user’s profile activity and resonance. Read it thoroughly and try to pick up on any red flags. Profiles tend to give us more information about who each user is, their personality and even intentions.

5. Read though the user’s LinkedIn activity. What are they reading? Who are they talking to or interacting with? What are their interests?

Using these basic tips to become aware of who you connect and talk to on social platforms such as LinkedIn might help you avoid possible scams!

Sources:

Scott Zamost, Yasmin Khorram. “FBI Says Fraud on Linkedin a 'Significant Threat' to Platform and Consumers.” CNBC, CNBC, 17 June 2022,https://www.cnbc.com/2022/06/17/fbi-says-fraud-on-linkedin-a-significant-threat-to-platform-and-consumers.html.