Overabundance of fake LinkedIn profiles pits HR against bots – Krebs on Security

A recent proliferation of fake executive profiles on LinkedIn creates something of an identity crisis for the business networking site and for the businesses that depend on it to hire and screen potential employees. Fabricated LinkedIn identities — which combine AI-generated profile pictures with text extracted from legitimate accounts — are creating major headaches for corporate HR departments and for those running invite-only LinkedIn groups.

Some of the fake profiles reported by the co-admin of a popular sustainability group on LinkedIn.

Last week, KrebsOnSecurity reviewed a flood of inauthentic LinkedIn profiles all claiming chief information security officer (CISO) positions at various Fortune 500 companies, including Biogen, Chevron, ExxonMobil and Hewlett-Packard.

Since then, the response from LinkedIn users and readers has made it clear that these fake profiles are popping up in droves for virtually every leadership position, but especially for jobs and industries that are adjacent to recent world events and trends in the news.

Hamish Taylor leads the Sustainability Professionals group on LinkedIn, which has more than 300,000 members. Taylor said he and the group’s co-owner have blocked more than 12,700 suspected fake profiles so far this year, including dozens of recent accounts that Taylor describes as “cynical attempts to exploit humanitarian and crisis aid experts.”

“We get over 500 fake profile requests to join every week,” Taylor said. “It’s been hit like hell since about January of this year. Before that, we didn’t have the counterfeit swarms we know now.”

The opening slide of a plea from Taylor’s group to LinkedIn.

Taylor recently posted an entry on LinkedIn titled “The crisis of false identities on LinkedIn,” which derided the “60 Least Wanted Crisis Relief Experts” – fake profiles that claimed to be experts in disaster recovery efforts in the wake of recent hurricanes. The images above and below show just one of these groups of profiles that the group has flagged as inauthentic. Virtually all of these profiles were removed from LinkedIn after KrebsOnSecurity tweeted about them last week.

Another “swarm” of LinkedIn bot accounts reported by Taylor’s group.

Mark Miller is the owner of the DevOps group on LinkedIn and says he deals with fake profiles daily – often hundreds a day. What Taylor called “swarms” of fake accounts, Miller instead described as “waves” of incoming requests from fake accounts.

“When a bot tries to infiltrate the group, it does so in waves,” Miller said. “We will see 20 to 30 requests coming in with the same type of information in profiles.”

After catching the waves of suspected fake profile requests, Miller began sending the screenshots to LinkedIn’s abuse teams, who told him they would look into his report but that he might never be told what action was taken.

Some of the bot profiles identified by Mark Miller who sought access to his LinkedIn DevOps group. Miller said these profiles are all listed in the order in which they appeared.

Miller said that after months of complaints and sharing fake profile information with LinkedIn, the social media network appeared to be doing something that caused the volume of group membership requests from fake accounts to drop precipitously.

“I wrote to our LinkedIn rep and told him we were considering shutting down the group, the bots were so bad,” Miller said. “I said, ‘You should do something on the backend to block this.’”

Jason Lathrop is vice president of technology and operations at ISOutsource, a Seattle-based consulting firm with approximately 100 employees. Like Miller, Lathrop’s experience battling bot profiles on LinkedIn suggests the social media giant will eventually respond to complaints about inauthentic accounts. That is, if affected users complain loudly enough (posting about it publicly on LinkedIn seems to help).

Lathrop said that about two months ago his employer noticed waves of new followers and identified more than 3,000 followers who all shared various items, such as profile pictures or text descriptions.

“Then I noticed they were all claiming to work for us in some random capacity within the organization,” Lathrop said in an interview with KrebsOnSecurity. “When we complained to LinkedIn, they told us that these profiles weren’t violating their community guidelines. But damn it, they don’t! These people don’t exist and they claim to work for us!”

Lathrop said that after his company’s third complaint, a LinkedIn representative responded by asking ISOutsource to send a spreadsheet listing all of the company’s legitimate employees and their corresponding profile links.

Soon after, the fake profiles that weren’t on the company’s list were removed from LinkedIn. Lathrop said he still doesn’t know how LinkedIn will handle new employees joining the company on LinkedIn going forward.
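The roster reconciliation Lathrop describes (a spreadsheet of legitimate employees and their profile links, with everything else claiming the company treated as suspect) and the “waves” of requests that Miller and Taylor see (batches that reuse the same photo or headline) are both simple to check on the employer’s or group admin’s side. The following is an added example written for this page, not code from LinkedIn or from any of the companies named; the roster CSV, the profile records, the `photo_hash` field and every function name are constructed assumptions, since LinkedIn exposes no such API.

```python
"""Reconcile profiles that claim to work for a company against the HR
roster, and flag batches of requests that reuse the same profile material.
All data and helper names below are constructed for this example."""
import csv
import io
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Profile:
    url: str          # public profile URL
    name: str
    employer: str     # employer the profile claims
    headline: str     # free-text title line
    photo_hash: str   # assumed: a hash of the profile image (e.g. a perceptual hash)


# Constructed HR roster in the spreadsheet shape the article describes:
# one row per legitimate employee with their real profile link.
ROSTER_CSV = """name,profile_url
Alice Example,https://www.linkedin.com/in/alice-example
Bob Example,https://www.linkedin.com/in/bob-example
"""

# Constructed incoming profiles / group membership requests.
PROFILES = [
    Profile("https://www.linkedin.com/in/alice-example", "Alice Example", "ExampleCorp", "Engineer at ExampleCorp", "h1"),
    Profile("https://www.linkedin.com/in/bob-example", "Bob Example", "ExampleCorp", "Ops at ExampleCorp", "h2"),
    Profile("https://www.linkedin.com/in/j-doe-91", "J Doe", "ExampleCorp", "Crisis Relief Expert", "h9"),
    Profile("https://www.linkedin.com/in/j-doe-92", "J Doe", "ExampleCorp", "Crisis Relief Expert", "h9"),
    Profile("https://www.linkedin.com/in/m-roe-17", "M Roe", "ExampleCorp", "Crisis Relief Expert", "h9"),
    Profile("https://www.linkedin.com/in/k-poe-03", "K Poe", "OtherCo", "CISO at OtherCo", "h5"),
]


def load_roster(csv_text):
    """Parse the HR spreadsheet into a set of known-good profile URLs."""
    reader = csv.DictReader(io.StringIO(csv_text))
    return {row["profile_url"].strip().lower() for row in reader}


def unverified_claims(profiles, roster_urls, company):
    """Profiles claiming `company` whose URL is not on the HR roster."""
    return [p for p in profiles
            if p.employer.lower() == company.lower()
            and p.url.strip().lower() not in roster_urls]


def find_waves(profiles, min_size=3):
    """Group profiles that reuse the same photo hash or the same headline,
    the pattern the group admins describe in batches of requests.
    Returns {(field, value): [urls]} for every group of at least min_size."""
    buckets = defaultdict(list)
    for p in profiles:
        buckets[("photo_hash", p.photo_hash)].append(p.url)
        buckets[("headline", p.headline.strip().lower())].append(p.url)
    return {k: v for k, v in buckets.items() if len(v) >= min_size}


def triage(profiles=PROFILES, roster_csv=ROSTER_CSV, company="ExampleCorp"):
    """Combine both signals into a report suitable for an abuse-desk ticket."""
    roster = load_roster(roster_csv)
    suspects = unverified_claims(profiles, roster, company)
    waves = find_waves(profiles)
    in_wave = {u for urls in waves.values() for u in urls}
    return {
        "unverified": [p.url for p in suspects],
        "unverified_and_in_wave": [p.url for p in suspects if p.url in in_wave],
        "wave_count": len(waves),
    }


if __name__ == "__main__":
    import json
    print(json.dumps(triage(), indent=2))
```

The two signals are deliberately kept separate: a profile missing from the roster may simply be a new hire who has not been added yet, while a profile that is both off-roster and part of a cluster sharing a photo hash and headline is the kind of evidence the admins in the article were forwarding to LinkedIn’s abuse team.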

It’s still unclear why LinkedIn has been inundated with so many fake profiles lately, or where the fake profile pictures come from. Spot checks of the profile photos show that they resemble, but do not match, other photos posted online. Several readers pointed to a likely source — the website thispersondoesnotexist.com, which turns the use of artificial intelligence to create unique portraits into a point-and-click exercise.

Cybersecurity firm Mandiant (recently acquired by Google) told Bloomberg that hackers working for the North Korean government copied resumes and profiles from the major job posting platforms LinkedIn and Indeed, as part of an elaborate scheme to land jobs in cryptocurrency companies.

Fake profiles may also be linked to so-called “pig butcher” scams, in which people are lured by online flirtatious strangers to invest in cryptocurrency trading platforms that end up grabbing all the funds when the victims try to withdraw money.

Additionally, identity thieves have been known to pose as recruiters on LinkedIn, collecting personal and financial information from people who are victims of employment scams.

But Sustainability group administrator Taylor said the bots he tracks strangely do not respond to messages, nor do they appear to be trying to post content.

“Obviously they’re not being watched,” Taylor said. “Or they are just created and then left to rot.”

This experience was shared by DevOps group admin Miller, who said he also tried to bait the fake profiles with posts referring to their falsity. Miller says he fears someone is creating a huge social network of bots for a future attack in which the automated accounts could be used to amplify false information online, or at least blur the truth.

“It’s almost like someone is setting up a huge botnet so that when a big message needs to go out, they can just mass post with all these fake profiles,” Miller said.

In last week’s article on this topic, I suggested that LinkedIn could take a simple step that would make it easier for people to make informed decisions about whether to trust a given profile: add a “created on” date for each profile. Twitter does this, and it’s extremely useful in filtering out a lot of the noise and unwanted communication.

Many of our readers on Twitter said LinkedIn needs to give employers more tools — perhaps some kind of application programming interface (API) — that would allow them to quickly remove profiles that falsely claim to be employed in their organization.

Another reader suggested that LinkedIn could also experiment with offering something akin to Twitter’s verified mark to users who have chosen to validate that they can respond to emails on the domain associated with their current, stated employer.

In response to questions from KrebsOnSecurity, LinkedIn said it was considering the idea of domain verification.

“It’s an ongoing challenge and we’re constantly improving our systems to stop counterfeits before they get online,” LinkedIn said in a written statement. “We stop the vast majority of fraudulent activity we detect in our community – around 96% of fake accounts and around 99.1% of spam and scams. We are also exploring new ways to protect our members, such as extending email domain verification. Our community is made up of genuine people having meaningful conversations and always increasing the legitimacy and quality of our community.”

In an article published Wednesday, Bloomberg noted that LinkedIn has so far largely avoided the bot scandals that have plagued networks like Facebook and Twitter. But that veneer is starting to crack, as more and more users are forced to waste more time fighting inauthentic accounts.

“What’s clear is that LinkedIn’s cachet as a social network for serious professionals makes it the perfect platform to lull members into a false sense of security,” Bloomberg’s Tim Culpan wrote. “The vast amount of data that LinkedIn gathers and publishes, which underpins its entire business model, but which lacks robust verification mechanisms, exacerbates the security risk.”
