Cyber & IT Supervisory Forum - Additional Resources

TLP:GREEN

actors access to important and powerful information about you, such as details about your history, company, and professional contacts. 464, 465

 That information can be used to create detailed and believable phishing campaigns and other financial swindles. 466  In short, beware of LinkedIn accounts with fake photos, incomplete profiles, limited connections, fake names, poor spelling, and grammar, and/or suspicious work history.

17.14.1.2 Fake Photos Model-quality photos often go with many Fake LinkedIn profiles.

 If you are suspicious about a photo, there is a straightforward way to check its authenticity. Simply do a reverse image search using TinEye , Bing's Visual Search or Google’s Reverse Image Search .  These search engines will show you where, if any place, the same image has been used previously online.

17.14.1.3 Incomplete Profiles One key indicator of fake LinkedIn accounts is the lack of any information about the individual. If there is information, it is often in the form of mostly generic statements that lack any specificity in the summary and experience sections.  Conversely, genuine profiles belonging to real people typically include a mixture of personal details, such as causes, volunteering, hobbies, education, recommendations, and the use of the first person when writing the 'Summary' or 'Experience' sections.  Many fake profiles used for swindles do not bother to add personal information and keep detail to a minimum.  Most people also personalize their custom LinkedIn URL while false accounts will not as they are created quickly and without tremendous attention to detail.  This may not be the case for more sophisticated Cyber criminals or Advanced Persistent Threat actors.

17.14.1.4 Limited Connections Genuine profiles typically have a mixture of people and profiles among its connections.

TLP:GREEN