Securing Your Social Media Profiles
Why Threat Actors Target LinkedIn
- Even though LinkedIn is a professional account rather than a social one, people are more likely to connect with, or at least respond to messages from, people they do not know when they are looking for new jobs or trying to expand their network within their industry. By design, LinkedIn user profiles contain detailed information about the owner's entire education and work history.
- Threat actors take advantage of this by setting up fake recruiter accounts as well as fake corporate and academic accounts.
- Not all fake accounts are used for scams; some are just used to promote products or drive traffic to other sites. Many of them, however, are used for phishing attacks, social engineering, and other traditional scams.
In The News
North Korean Hackers Find Value in LinkedIn - Group Lures Victims Into Opening Phishing Payload Disguised as Job-Related Info
Fake Account Examples - Recruiter
Tips for spotting employment scams
- Be skeptical of unsolicited offers for high-profile positions
- Verify who you're dealing with
- Check out the company outside of LinkedIn
- Requests for money are a big red flag
- Requests for your Social Security Number are a red flag
If you are contacted by a "Recruiter", whether from a third-party company or directly from a company, take the time to actually review their profile before deciding to respond to them.
Many of these fake accounts are auto-generated by the thousands, so the information in them may seem out of place for a real person.
Key indicators: Does their image look real, or like a stock image (you can do a reverse image search)? Does the company name match their industry? Does the company exist where they claim it is located? Do their job titles and experience make sense? Who are their connections, and do they have any? Do they have connections at the company they claim to work for, or within the same industry? Where did they go to school?
Source: https://www.cnet.com/tech/services-and-software/fake-online-recruiters-looking-to-scam-job-seekers/
Fake Account Examples: State Sponsored Espionage
Charming Kitten (known as APT42, ITG18, UNC788, TA453, PHOSPHORUS, Yellow Garuda, also APT35) is an Iranian state-sponsored threat group that conducts persistent cyber espionage operations to maintain extensive surveillance of targeted Iranian and foreign citizens who have strategic intelligence value for the Islamic Revolutionary Guard Corps (IRGC).
Charming Kitten actors have targeted individuals, academics, journalists, activists, think tankers, institutes, organizations, and military and government sectors in the United States, Europe, and Middle Eastern countries since as early as 2014.
Charming Kitten has made use of fake accounts impersonating real people, as well as made-up identities, to carry out information gathering and disinformation campaigns across LinkedIn for several years.
Source: https://blog.certfa.com/posts/charming-kitten-can-we-wave-a-meeting
Securing Your Profile
What are the steps to secure your profile?
You want to look at:
- What parts of your profile are displayed to those who are not LinkedIn users
Visibility – Edit Your Public Profile
Public profile settings
- You control your profile and can limit what is shown on search engines and other off-LinkedIn services. Viewers who aren't signed into LinkedIn will see all or some portions of the profile view displayed below.
- Who can contact you through messaging
Settings – Data Privacy – Who Can Reach You – Messages You Receive
- You can change the settings for message requests, InMail messages, and sponsored messages
Settings – Visibility
You can tailor how parts of your profile are displayed, how your profile can be found, and the visibility of your activity on the site.
You can also manage your blocked list from these settings.
Know Your Connections (KYC)
Why you should Know Your Connections
- LinkedIn tracks your network based on 1st-, 2nd- and 3rd-level connections
- When you make your connections visible to each other, they can see all levels of this network
- For those who connect with anyone and everyone and have 500+ or 1000+ 1st-level connections, their 2nd- and 3rd-level reach extends into the tens or hundreds of thousands of people
- Threats may not be after you specifically, but after access to your connections
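The point that an attacker gains access to your connections, not just to you, is easiest to see on a small graph. The following is an added example, not part of the original slides and not LinkedIn's own code or data: it builds a constructed sample network, walks it breadth-first to compute 1st-, 2nd- and 3rd-degree reach, and then shows how accepting one request from an unknown "recruiter" (a constructed account in a separate cluster) pulls your whole 1st-degree network into that account's 2nd degree. All account names are made up.

```python
from collections import deque

# Constructed sample network (not real LinkedIn data). Connections are
# undirected, so add_connection records both directions.
def add_connection(graph, a, b):
    graph.setdefault(a, set()).add(b)
    graph.setdefault(b, set()).add(a)


def build_sample_network():
    edges = [
        ("you", "alice"), ("you", "bob"), ("you", "carol"),
        ("alice", "dave"), ("alice", "erin"),
        ("bob", "erin"), ("bob", "frank"),
        ("carol", "grace"),
        ("dave", "heidi"), ("erin", "ivan"), ("frank", "ivan"), ("grace", "judy"),
        ("heidi", "kate"),
        # The unknown "recruiter" lives in its own cluster with no path to you.
        ("recruiter", "mallory"), ("recruiter", "oscar"),
    ]
    graph = {}
    for a, b in edges:
        add_connection(graph, a, b)
    return graph


def reach_by_degree(graph, start, max_degree=3):
    """Breadth-first walk from `start`.

    Returns {degree: set of accounts first reached at that degree}, which is
    how LinkedIn's 1st/2nd/3rd-level view of a network is defined.
    """
    seen = {start}
    frontier = deque([start])
    levels = {}
    for degree in range(1, max_degree + 1):
        next_frontier = deque()
        for node in frontier:
            for neighbour in graph.get(node, ()):
                if neighbour not in seen:
                    seen.add(neighbour)
                    next_frontier.append(neighbour)
        levels[degree] = set(next_frontier)
        frontier = next_frontier
    return levels


def total_reach(graph, start, max_degree=3):
    """Number of distinct accounts visible within max_degree hops of `start`."""
    return sum(len(s) for s in reach_by_degree(graph, start, max_degree).values())


def exposure_from_accepting(graph, you, stranger, max_degree=3):
    """How many accounts `stranger` can see before and after you accept them.

    Works on a copy so the caller's graph is left untouched.
    """
    before = total_reach(graph, stranger, max_degree)
    trial = {node: set(neighbours) for node, neighbours in graph.items()}
    add_connection(trial, you, stranger)
    after = total_reach(trial, stranger, max_degree)
    return before, after


if __name__ == "__main__":
    network = build_sample_network()
    for degree, accounts in reach_by_degree(network, "you").items():
        print(f"your {degree}-degree network: {sorted(accounts)}")
    before, after = exposure_from_accepting(network, "you", "recruiter")
    print(f"recruiter can see {before} accounts now, {after} after you accept")
```

In this toy graph the stranger goes from seeing 2 accounts to 10 by gaining a single connection; with a real account holding 500+ 1st-level connections, the same one-edge change hands the stranger a 2nd-degree view of every one of them, which is the exposure the slide is warning about.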