"When a person in a similar industry to us, or a recruiter, requests to connect on LinkedIn, it may look harmless, but hackers prey on this as a means to target senior level professionals and ultimately the corporate network," said Raj Samani, CTO of EMEA at Intel Security.
Hackers use fake LinkedIn profiles to target users
"Social networking sites are a treasure trove of data used by malicious actors in order to research potential targets for attacks, not only requesting to connect with senior executives but as many junior or mid-level employees at a company as possible. They then target senior level execs, using their existing connections with colleagues as proof of credibility by leveraging the principle of social validation. Once these connections are in place they can launch a targeted phishing campaign," he added.
As per Intel's research, one in every four Brits admitted that they connect with unknown people on LinkedIn. What's worse, most companies don't make their employees aware of their corporate policies on social media, nor do they advise employees not to trust unknown connections or not to open unknown links and attachments.
In December of last year, security firm Symantec revealed that hackers are now increasingly using fake LinkedIn profiles to target professionals and innocent job seekers by creating duplicate profiles and using stock images to trick other users. The hackers also direct job seekers to websites ridden with malware where the security of users' devices may also be compromised.
Your Gmail account is now more secure with new Data Loss Prevention tool
"Most of these fake accounts have been quite successful in gaining a significant network - one had 500 contacts. Some even managed to get endorsements from others," said Dick O'Brien, researcher at Symantec to the BBC.
LinkedIn is also serious reviewing the presence of such profiles in its database. "We investigate suspected violations of our Terms of Service, including the creation of false profiles, and take immediate action when violations are uncovered. We have a number of measures in place to confirm authenticity of profiles and remove those that are fake. We encourage members to utilise our Help Center to report inaccurate profiles and specific profile content to LinkedIn," said LinkedIn.