LinkedIn scams are a “significant threat”, warns FBI

The FBI has issued a warning about cryptocurrency scams on LinkedIn. We see what the scammers are up to and how you can avoid them. The post LinkedIn scams are a “significant threat”, warns FBI appeared first on Malwarebytes Labs.

Malwarebytes

Digital currency fraud is a growing issue on social media, and LinkedIn is no different. In fact, according to Sean Ragan, the FBI’s special agent in charge of the San Francisco and Sacramento, California, field offices, cryptocurrency scams are big business on LinkedIn.

“It’s a significant threat. This type of fraudulent activity is significant, and there are many potential victims, and there are many past and current victims.”

How cryptocurrency scams work on LinkedIn

Aspects of LinkedIn cryptocurrency scams share similar traits with fraud attempts on other platforms:

  • Someone messages you out of the blue. They begin with small talk, and eventually work their way up to cryptocurrency conversation. They claim that, yes, they can help you make big money from certain investments.
  • LinkedIn is generally seen as a trusted platform, reinforced by people’s perception of it as the go-to place for business-related dealings. This is one advantage it has over less formal sites.
  • Victims are directed to genuine cryptocurrency investment portals. Though no further details are provided in the article, this can go one of two ways. Either the victim invests with their own cash, or the scammer sends them some funds to get started.
  • Weeks or months down the line, the scammer has the victim transfer funds to a site controlled by the scammer. At this point, funds are drained and the cash disappears along with the con-artist.

Scammers take the well-worn path to riches

The FBI notes that this type of fraud is on the rise, and draws a parallel with romance scams. In both cases, the end result is the same: loss of funds. However, this style of cryptocurrency fraud has its origins elsewhere and the connection to romance fraud is quite relevant.

This style of attack is called the “pig butcher” scam. It involves a so-called “fattening up” of the pig (target) with messages of affection. Eventually, the same jump-off into cryptocurrency investment takes place. The money, as always, vanishes. One of the key features of this attack is the pretence of accidental communication. Golf is popular, as are messages about luggage and airports.

The tactics used on LinkedIn almost certainly match up in various ways. If they can just get you to the investment site and have you deposit some funds, they’ve got you.

LinkedIn take fraudsters to task

The team at LinkedIn point out that 96% of detected fake accounts and 99.1% of spam and scams are caught and removed by automated defences. That’s somewhere in the region of 70 million scam messages removed between July and December of 2021. For comparison, LinkedIn removed around 60 million between January and June of 2019. It also hit a peak of removals between July and December of 2020, with a massive 91 million scams given a time out.

Additionally, 11.9 million fake accounts were stopped at registration between July and December of 2021. Around 4.4 million were restricted proactively, and 127k further accounts were restricted once members reported them.

How to spot a scam on LinkedIn

With regard to cryptocurrency scams themselves, LinkedIn offers the following advice. Be wary of:

  • People asking for money who you don’t know in person. This may include sending cash directly, cryptocurrency, gift cards, prizes, and other winnings.
  • Job postings which sound too good to be true. Mystery shoppers, personal assistants, and company impersonators are all potential red flags. Steer clear of anything which demands money from you up front.
  • Romantic gestures on a business-centric platform. This is especially dubious if tied to a brand new account with few or no connections. Keep in mind that established accounts can also be compromised, and used for any of the scam attempts listed above.

Should you experience LinkedIn content you’re not sure about, don’t worry. You can report it directly to LinkedIn to investigate. Stay safe out there!
