Fake accounts on LinkedIn: time for a purge

Why you should purge your company’s LinkedIn page from fake employee profiles, and how to do it.

Purging your company’s LinkedIn page of fake employees

Among social networks, LinkedIn holds a rather unique position. The platform is designed for communication among professionals, which automatically implies contact with new people, almost complete transparency of user information, as well as a fairly high degree of trust in total strangers.

The downside of this is the relative ease of creating plausible fake profiles. For instance, in the fall of 2022, security expert Brian Krebs uncovered a whole bunch of fake LinkedIn accounts purporting to belong to the Chief Information Security Officers of various major international companies. Plus several thousand fake accounts listing a real business as employer.

The motives of the scammers vary. But one thing they have in common is that they don’t give a hoot for the HR-brand or the reputation of the companies where they supposedly work. Given this — two questions arise: is it possible to get rid of LinkedIn fakes, and how can you protect your company’s brand?

How LinkedIn fights fake profiles

The problem of fake profiles on LinkedIn is far from new. Every six months, the social network reports, among other things, how many fake accounts it has blocked. The exact figures vary from year to year, but we’re talking tens of millions of profiles every reporting period. For example, from early 2019 to mid-2022, the social network blocked almost 140 million fake accounts.

Most fake LinkedIn profiles (95.4% of them in H1 2022) are blocked automatically. More often than not, fakes are weeded out while still at the registration stage: depending on the period, 70–90% of blocked accounts get shot down at takeoff. Fake profiles blocked due to a user complaint make up less than one percent. Nor are there many of them in absolute terms: for example, only 190,000 fakes were blocked because after complaints in H1 2022.

LinkedIn doesn’t specify exactly how it identifies suspicious profiles, but it does give a few details about what raises eyebrows. One red flag is excessive sending of messages. Another is a geographical mismatch — when “Location” in the profile shows one region, but the account was registered in an entirely different one. In addition, a page can be flagged as suspicious if it has some patterns common with other fakes that have already been detected and blocked.

Late last year, LinkedIn introduced several innovations set up to combat fakes:

  • The social network now checks profile photos to see if they are AI-generated.
  • Suspicious messages now carry warnings.
  • Another new feature is the “About this profile” tab. It shows the approximate date of the account’s registration and other information to help users decide whether it’s trustworthy.
LinkedIn now has an

To find the “About this profile” tab, press More at the top of the user’s page

Is it working?

But are LinkedIn’s measures to fight fake profiles succeeding? To find out, Wired magazine undertook a small experiment. First, the journalists created two entirely fake profiles populated with AI-generated texts and photos. The next day, LinkedIn asked both users to confirm their identity and ultimately blocked the accounts.

Next, the journalists tried a different approach: they created a full-blown copy of the profile of one of Wired’s own editors; with a single difference — the profile photo was replaced (with another real picture). Also the only contact information they provided was an e-mail address registered with Proton Mail (an encrypted webmail service popular among folks who value anonymity). This fake account existed on LinkedIn for two whole months, receiving and sending messages, making new contacts and promoting Wired content, before the journalists themselves deleted it.

What’s the upshot? This experiment suggests that LinkedIn is pretty good at dealing with simple fakes. But anyone who takes a bit of time and care to produce a more convincing forgery, using real information about a real person, could well slip past LinkedIn’s gatekeepers.

How to purge your company’s LinkedIn page of fakes

It is possible that someone is already using your company’s name — and your real colleagues’ information — for their own nefarious purposes. Therefore, it would be wise to scrub fake profiles from your company’s list of employees. Start by measuring the scale of the problem: simply compare the number of LinkedIn profiles that list your company as their current employer with actual number of employees.

Also, do a geographic assessment: see how many of your employees are listed in certain regions according to LinkedIn, and compare this with the reality. This should help localize the problem, since fake profiles are very likely to indicate a certain region where scammers are looking for victims. Therefore, fake accounts that give your company as their place of work probably won’t be evenly distributed around the world (most likely they’ll be concentrated in one or several regions).

Depending on the outcome of these checks, and also the overall size of your company, the next steps may vary. If there are relatively few fakes and you managed to localize them geographically, it will be easy enough to identify most of them and report them to LinkedIn support.

If the problem is of a larger scale, it would make sense to start the purge from the top down, prioritizing the fake profiles that impersonate top-level employees. The simplest way would be to take a list of senior managers and search for their LinkedIn profiles by name. If duplicates are found, the real page will most likely be distinguishable from a fake by the date of registration. Also pay attention to geographical mismatches, as well as odd profile pictures.

The platform itself can solve the problem at least with top-level fakes by verifying the accounts of public figures and company executives, for example, using the familiar blue-badges. But, unfortunately, LinkedIn announced plans to introduce such a method only in April 2023. For starters, verification will be available in test mode only for a few large U.S. companies. When other organizations will be able to confirm that network users are really their employees is unpredictable.

Dark side of the moon: fake employees of other companies

There’s another side to the problem: scammers can attack your employees using fake LinkedIn profiles of people who supposedly work for another organization. You don’t have to look far for an example of where this could lead: just last year this kind of attack was carried out against Sky Mavis, the developer of the play-to-earn game Axie Infinity.

The attackers contacted one of the company’s employees via LinkedIn, supposedly with a job offer. Next, they sent the employee an infected PDF with which they were able to gain access to the company’s network and steal the keys used for transaction validation. With these keys, they cleaned out the company’s cryptocurrency accounts. The losses amounted to more than 500 million U.S. dollars, earning this incident the honorary title of one of the largest crypto heists in history.

Defending against such attacks may be not easy. But raising your employees’ awareness of information security can certainly make a huge difference. And the best way to do that is through regular cybersecurity training. The ideal solution for this is the Kaspersky Automated Security Awareness Platform.