Guide to Protecting Against Scammers on LinkedIn

The official guidance of LinkedIn is that you should only connect with people you know. I respectfully disagree with this guidance. LinkedIn is a "professional networking site". The whole point of networking is to expand your network. By accepting connections from individuals you don't necessarily know yet, you might find a great new connection or opportunity. It has worked out well for me personally.

Unfortunately, this approach does not come without its' risks. By accepting connections from unknown individuals, you are opening yourself up to efforts by scammers who are looking to compromise you and obtain either information, money, or both. As someone trained to detect such nefarious activity, I can assure you that a simple combination of situational awareness and common sense will go a long way in mitigating the risks of accepting invites from people you don't know (yet) while maximizing the potential benefits of accepting their invite.

The Basics: These are the most obvious and common sense rules:

• International connections: An invitation to connect from outside your country of residency, especially if you do not engage in international business, should be viewed with skepticism. How and why would you be transacting business with them? If you don't know the answer to that question, you have no reason to be connecting to them on a professional networking site.
• Aggressive connection invites: Anyone who is aggressively seeking information already in their initial invite, especially claiming time sensitivity, is not someone you want to do business with anyway, so pass.
• ANY invite which includes an attachment, link, or desires to send you one immediately: We all know the risks of opening attachments or clicking on links. Therefore, most of us know better than to send such to someone we don't know. While this could be harmless naivete on the part of the sender, better safe than sorry here and move on.
• Invites from people who use the picture of a celebrity and claim it as their own or use a blatant stock image (Getty, Shutter Stock or otherwise): If you look carefully at the photo you will see the obvious flags such as staged scene photos, recognition of the actual individual, or even watermarks in the profile pic. These are usually low level international scammers. The good ones are smarter than this

More Advanced: OK, now that we have gotten the most obvious stuff, let's get to the flags you need to think a bit more about:

• Don't fall for flattery: Overly flowery language about how impressed they are with your profile and lots of compliments are often intended to get you to drop your guard - be suspicious. Would you approach someone that way? Maybe if they are Jeff Bezos, Jack Welch, some others. For the rest of us, it is a big red flag.
• Be realistic: This next one is a bit sensitive and targeted towards the guys, but a female could fall for this as well. I am in my mid 40's. When I get a flirtatious invite to connect from an attractive female half my age, my first response is "yeah, right!". I have a simple rule - invites that start with "Hello Handsome" (yes, I have actually gotten several of these) - are code for "Hi, I am a scam artist". LinkedIn is not a dating site. Simply stay away from these connect invites, don't engage them at all, even if you happen to be lonely and single (married folks - shame on you!), it is not likely to be worth the risk.
• Compare profile pics to their history: You will frequently find with scam artists that if you read the timeline of their education and professional experience you will note that the chronology of their timeline does not match the relative chronological age of their profile pic. Also, note odd inconsistencies in their timeline. How did they manage a full-time job as a high level executive while at the same time completing their Bachelors? Weird overlaps of claimed professional resumes or odd educational experiences (8 years for a four year degree, completing a four year degree while simultaneously working on a master's degree, many others). These scammers are counting on you not looking closely. They know they need to fill in this info to avoid obvious suspicion. However, they rarely put it together in a way that makes sense.

The Best of The Scammers: Unfortunately, the best of the scammers don't fall into any of the above red flag categories. The good news is that even high level scammers often make mistakes that are observable IF you maintain a careful degree of skepticism and situational awareness when considering and accepting invites from people you don't know:

• Recognize you will likely accept their invite: Since I already explained the benefits of accepting an invite from someone you don't know, if the scammer is really good, they will not have fallen into any of the red flag scenarios above (assuming you followed that advice), and you will accept. The game begins at this point for the highly skilled scammer.
• Watch for the "Slow Walk": The scammer will now look to build trust with you and get you to let down your guard. Their contact will not be constant but you will note a regularity to it - maybe daily, maybe every few days. Little bit by little bit, they will probe deeper. They may focus on getting more personal details or more details about your business. Their goal is to learn enough to determine the most effective approach to compromise you or your business. Be mindful of their efforts to learn more and more and more about you or the business without sharing similar levels on their end (they avoid doing this because they are afraid of you "fact checking" them). As the conversation evolves, you should be vetting them along the way. In this age of websites, social media, widely available data, you should be able to easily validate the information they are sharing with you. If you cannot, or they are being coy about sharing, you are dealing with a scammer
• The "Subtle Signs": The best of the scammers will ensure their profile photo and timeline make sense, and will claim to originate from your country of residency. However, there are still red flags to help you since the majority of them are actually originating from outside your country. Keep an eye out for people who are unfamiliar with geography. They may not recognize your state or city or ask bizarre questions about them that someone who lives in-country should know. You may notice that they contact you at times where they should be asleep (time zone differences). You may notice that at times they seem quite fluent in the language and colloquial terms unique to your country or locale, while at other times their statements are choppy and lack an awareness of the standard day to day use of your home language (this often indicates that more than one person is managing the profile on the other end). Further, if you dealing with more than one bad actor (common in more advanced scams), you might notice bizarre intervals of contact (they contact you at 3:00AM local time and then again at 7:00AM - when did they sleep??)
• The Final "ASK": Ultimately, even if you have not caught on yet to them, there will be one final opportunity to avoid being scammed, personally or professionally. At some point, they will ask for information or an act from you which you otherwise would not do. You will have some hesitation. You will write it off as "No, they are legitimate, they are the real deal, I don't want to offend them". That is EXACTLY the thinking they are hoping for. In 99% of these cases, you will have never met this individual in person (you may have had a phone call), yet you will feel compelled to share information or act as they requested based on the "relationship" you have built (this is especially dangerous when what appear to be "romantic interests" are involved. Extortion and blackmail are frequent components of this process if you comply). DON'T DO IT!!! If you are being asked to share information or to act in a way that could potentially compromise yourself personally or professionally and you have not met this individual in person and vetted their credentials (not just through ways they suggested, but independent ways such as Google, background check systems, etc.) politely decline. The other party will likely express frustration and attempt to intimidate you, claim you are "wasting their time", claim you are "threatening the deal", claim time sensitivity to get you to move forward, or use a variety of other techniques to compel you to act. Any response from the other party short of "I am sorry I made you uncomfortable. If you ever want to re-engage, please let me know" with no further contact over the next month or so, should be viewed as confirmation of your instincts. Get away from them

I hope this basic guide will allow you to continue to engage new unique connections on LinkedIn and experience the benefits of such while giving you the comfort and peace of mind that you have the tools necessary to weed out 99% of the scammers. The last 1% are state-level actors. If you hold a position that would attract their interest and vast resources, you are probably not on LinkedIn (or should not be) anyway.

Best Regards.