Fake LinkedIn accounts targeting cyber security researchers
7 September 2015
Cyber security researchers are being targeted by fake LinkedIn accounts posing as recruiters from a non-existent company.
Sean Sullivan, a security advisor at F-Secure, exposed the network of impostors, whose intentions are unclear to information security experts.
The fake profiles are listed as working at Talent Src, although a reverse image search for the company’s logo shows it has been lifted from a different, real company.
Researchers also found that Talent Source’s Twitter account was all but blank and that the “recruiters”‘ profile pictures had been picked from elsewhere on the web.
They suspect the profiles may have been looking to map out security experts’ networks.
“There’s a group of fake recruiters on LinkedIn mapping infosec people’s networks,” Fox-IT’s Yonathan Klijnsma tweeted. “Not sure what their goal is yet, just a heads-up to others.”
He went on to describe the approach taken by the fake recruitment accounts.
Klijnsma said the profiles would typically approach users with a recruitment message about a relevant job before removing their profile pictures and changing their names.
LinkedIn users are advised to be wary about who they connect with on the social network.
For more information on these strange accounts, see the F-Secure blog.