Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Security Professionals, Beware of Fake Recruiters on LinkedIn

The LinkedIn accounts of security specialists have been recently assaulted with recruitment requests from a series of fake accounts in what appears to be an attempt to map their networks.

The LinkedIn accounts of security specialists have been recently assaulted with recruitment requests from a series of fake accounts in what appears to be an attempt to map their networks.

The group of fake recruiter accounts is sending LinkedIn invitations to security professionals in different fields, usually with a profile picture of an attractive woman, but soon after the account details and the picture are changed, provided that the profile does not disappear entirely.

Fox-IT’s Yonathan Klijnsma raised a flag on this activity a few weeks back and explained the manner in which the so-called “recruitment” works, but could not offer specific details on the purpose of this type of activity.

Following Yonathan Klijnsma’s shout out, F-Secure’s Sean Sullivan took a closer look at these accounts and discovered that they were all for people supposedly working for Talent Src (Talent Sources) and that each was seemingly focused on a particular type of specialist.

The profile pictures of some of these so called recruiters were found to be flipped copies of images on Instagram and on some legitimate LinkedIn accounts, while their specialties and areas of interest were revealed to be at least questionable.

Additionally, Sullivan noted that Talent Sources’ logo actually copies that of a legitimate business, that its Twitter account hasn’t been updated since January, that it uses and egg and only two tweets have been ever posted, and that some of the LinkedIn accounts in question have already disappeared.

Targeted security professionals might receive multiple recruitment invitations per day from Talent Sources’ supposed employees over the course of several days, yet they might want to steer clear of them.

There is no exact information pertaining to the purpose of these recruitment campaigns, other than what appears to be obvious, namely that they are meant to map connections of infosec specialists rather than attempting to gather other type of information from them, albeit this possibility is not excluded either.

 In May 2014, cyber intelligence firm iSIGHT Partners outed a group of Iranian threat actors, who were found using more than a dozen fake personas on popular social networking sites to run a wide-spanning cyber espionage operation since 2011. 

“These credible personas then connected, linked, followed, and “friended” target victims, giving them access to information on location, activities, and relationships from updates and other common content,” iSIGHT Partners said.

Written By

Click to comment

Expert Insights

Related Content

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Cybercrime

Video games developer Riot Games says source code was stolen from its development environment in a ransomware attack

Cybercrime

CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.

Cybercrime

Chinese threat actor DragonSpark has been using the SparkRAT open source backdoor in attacks targeting East Asian organizations.

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.