We’ve all had random LinkedIn connection requests from people we’ve never met, and now Symantec may have helped explain why.
In a new blog post it documents scams using fake accounts, in order to map the business networks of professionals, and scrape contact information for future phishing scams.
Senior Security Response Manager Satnam Narang said in the post. Most of these fake accounts say they are recruiters at fake firms or self-employed, often use photos of women either from stock image sites or of real professionals, lift text from real profiles, and keyword-stuff their profile so they appear in search results.
The spammers specifically use recruiters, as LinkedIn users expect to be contact by them on the network. Narang says users "should be very skeptical of who they add to their network. If you’ve never met the person before, don’t just add them."
Connections can be checked via reverse searching, or simply checking with others you know that are connected with this profile.