First things first: LinkedIn is not Facebook. While both platforms help users to create and foster relationships, it is important to remember that LinkedIn was specifically created to serve the professional side, helping people to manage their professional identity, build and engage with their professional network, access knowledge, insights and job opportunities, and share in thought leadership
Naturally, cybercriminals have taken advantage of LinkedIn as a source of valuable personal information, creating doppelgangers of legitimate users in what’s called “profile hijacking,” as well as creating authentic-looking profiles of non-existent professionals in order to infiltrate networks and prey on unsuspecting users. While LinkedIn has long stressed that users only connect with contacts they know personally and trust on a professional level, far too many users are failing to vigilantly protect their networks and are therefore jeopardizing not only their own professional reputations, but those of their peers.
So, how does one tell the difference between a real person and a scammer? Typically, profile hijackers will send connection requests or unsolicited private messages asking to connect with you, citing bogus reasons like “My account was hacked and I needed to create a new profile, so I’m just reconnecting with you.” Protecting against profile hijackers is as simple as asking the user to confirm how they know you before accepting any requests or offers; bothering to do so is the hard part.
Detecting false users, on the other hand, can either be easier or much more difficult, depending upon the level of detail the cybercriminal puts into their false profile. These kinds of scams are often marked by unusually ‘flat’ personal details, vague work histories, and unrealistic profile photos. Like profile hijackers, false users will leverage authentic-looking profiles to spam legitimate users into answering unsolicited connection requests, fake job offers, or even potential investment opportunities, betting that few will bother to confirm their identities before engaging.
Follow these steps to start protecting your LinkedIn network and take ownership of the safety of your professional identity:
- Do your due diligence. Think about how you know the user wanting to connect with you. Have you met them in person? Do you recognize their company? How do they claim to know you? Remember: do not depend upon mutual LinkedIn connections to vet any requests.
- Never assume direct messages are legitimate.If you receive unsolicited messages, try to confirm with the sender how they know you. Ask straight up: “Is this really you?” If their response is vague or defensive, it’s probably a scam.
- Perform an audit of your LinkedIn network and profile. Review your LinkedIn connections to identify and remove any connections you do not immediately recognize and suspect may be false.
- Embrace the Disconnect Button.Do not be afraid to disconnect with anyone you suspect of being a fraud. If it turns out that person was, in fact, legitimate, explain the situation in a private message and offer to reconnect with them again.
- Report any misrepresentations. Search your own name in LinkedIn to root out any doppelgangers and report them to LinkedIn Support for permanent removal.
LinkedIn is not a popularity contest. It is a business asset worth protecting. Be vigilant about who you allow to join your network, as well as whose networks you choose to be a part of, and remember: it’s the quality of your professional network that matters, not the number of connections.
— By Josiah Petrin, PR Apprentice