Job offers

Common LinkedIn Scams: Beware of Phishing Attacks and Fake Job Postings

LinkedIn scammers attack when we may be most vulnerable – here’s what to look for and how to avoid being defrauded while using the platform

Job hunting is hard work, a kind of full-time job in itself. It takes focus and patience to jump from job offer to job offer and fill out endless forms, perhaps to the point of emotional distress – and still with no real job offer in sight.

Social media platforms like LinkedIn are looking to lighten the burden of the most onerous tasks, keeping job seekers up to date with their job search and perhaps even helping some of them get their foot in the door. the door to the business of their dreams. Recruiters, on the other hand, have an easier time finding the best candidates, among other benefits.

But partly because it’s such an immersive process, especially for the unemployed, many people may also be more susceptible to scams. Certainly, all social media platforms are fertile ground for fraud. One thing that makes LinkedIn somewhat special, however, is its public perception as a safe, professional environment where we can let our guard down.

Unfortunately, the reality is not so favourable, even less in these times of Great Resignation. Online fraud impersonating LinkedIn continues to thrive and has indeed exploded in recent months. While some scammers can succeed with very simple, old-fashioned tricks, like asking for your bank details or upfront payments in exchange for a seemingly legitimate job interview, others can be very sophisticated.

Let’s review some examples of common scams using LinkedIn.

Fake notifications

Email notifications have become a common presence in our mailboxes, heading to a folder where they usually stay forever, or at least until they’re deleted. Social media companies are well aware of this and offer ever more enticing lines, such as “You appeared in 30 searches this week” and “Congratulations John on his new job”, all to make us curious enough to tune in to our accounts and spend more time on the platform.

Cybercriminals have also noticed and use such curiosity-inducing wording on similar phishing emails that land in our inboxes and are ultimately designed to steal our login credentials or download malware onto our devices.

Once we click on a link in such a fake email, we are sent to a fake LinkedIn landing page that asks for our login credentials. A few seconds later, we involuntarily transmit only our LinkedIn username and password, but often also access to all other services where we use the same authentication.

Bogus job offers

Other ways to steal IDs involve high-paying “job openings” that are at your fingertips by replying to a direct message. Caught off guard, we may click on the link provided or request more information, to which the fake headhunter will respond with an unconvincing message stating that you have what it takes to get the job and asks you to pay an advance , possibly for training, or to fill in your personal information via, for example, a Google Form. Although it sounds a little strange, you might think there is nothing to lose. Except there are.

These offers often ask for additional personal information during the first contact even if what you have already provided in your LinkedIn profile and CV, such as your name, age of residence and contact details, is more than enough to land you an interview. ‘hiring. You are well advised to always confirm that the company you are applying to really exists and run a quick Google search to verify it. And just like you go to great lengths to send out a great resume, employers tend to pay attention to their job postings, so keep an eye out for grammatical errors or conflicting information.

Also, remember that no company will offer you money or ask for your bank details on first contact.

The El Dorado crypto

While obviously not specific to LinkedIn, forex and crypto scams also target users of the site. A seemingly well-educated and legitimate financial advisor reaches out, offering a “great investment”. We are taken to the Eldorado of easy money, an attractive prospect for anyone in economic difficulty or for those who are convinced that they will make a fortune in the field of cryptocurrency.

It will certainly sound “too good to be true,” but the post comes with a sleek website that backs the claim, plenty of reviews, and new millionaires to tell their stories. To join the club, all it takes is a few clicks and an initial investment, the scammers explain. And to make it look safe and reliable, all transactions take place inside this lovely website.

But once the transfer is made, the money is lost. Our smart financial advisor, on the other hand, will congratulate us on a “smart” investment. A few days later, a message informing us that we have just made huge profits may appear and that thought in the back of our mind that maybe it was all a scam flies away.

It turns out, however, that there are unexpectedly high taxes to pay to get the money into our account. And even if we pay, the scammers will continue to empty our wallets as much as they can. Their profit is already guaranteed.

So what can you do to stay safe on LinkedIn?

Any of us can fall victim to a scam, no matter how much information we have access to. Being aware of this is, in fact, the first step in protecting yourself from scammers, whether on LinkedIn or elsewhere.

There are a few other golden rules to follow:

  • Be careful on LinkedIn as you would be on any other social media platform.
  • If you receive an email that appears to be from LinkedIn, but you’re not sure if it’s legitimate, don’t click on any links. Instead, directly open LinkedIn and check your notifications.
  • Treat connection requests from people you don’t recognize with caution. If they contact you, do not click on any links. Instead, run a Google search on the employer and the reliability of this connection. Ask yourself “how did this person find me?” Why are they contacting me? “.
  • Make sure your privacy settings for people outside of your contacts show only the information you need. For example, you might want others to see your work experience and education, but not necessarily your phone number.
  • Use a strong, unique password or passphrase.
  • Enable two-step verification (also known as two-factor authentication). If your connection is compromised, it will be much more difficult for hackers to use it.
  • Never give out personal information such as your ID numbers or credit cards. Prospective employers will not ask for your bank details or deposit your salary using login credentials.
  • Be aware that real job postings comply with national and tax laws. Easy money tends to be a scam.
  • Beware of unsolicited offers of financial services or investments through connections you don’t know. Nowadays, each of us can create a website that looks pretty and trustworthy.
  • Always report a scam to LinkedIn.

Bottom line, if something is too good to be true, it most likely is (a scam).