Every week I receive at least two invitations to connect on LinkedIn from people with fake profiles. I usually decline the invitation and report the profile to LinkedIn (I know that nothing is going to happen, but sometimes I am optimistic). For some time, I was curious about these profiles and especially the people behind them. My curiosity won, so with two of my friends I decided to do a small test to find out who was responsible, why they were doing it and how it all works. So we started accepting these invites to see what would happen.
Since a test in which all three participants are from the same field would not be much fun and we would probably miss out on some interesting findings, both of my friends represent differing fields. One is a developer; the second is engineer in the construction industry.
Disclaimer: All the tests were conducted after working hours and no, I wasn’t bored, I was just curious. :) And I didn’t write this as a manual for these scammers, but in the hope that some LinkedIn users will start thinking about accepting these invitations. And I hope that LinkedIn will be removing these accounts much faster.
How to spot a fake profile
You have received an invitation from Elon Musk, Bill Gates, Mark Zuckerberg etc. out of the blue? When somebody like them contacts someone like you, you must be pretty lucky. Don’t get me wrong — perhaps you are lucky or you work with these guys, but if you have never even met them, let’s think about that. Why are they sending you an invite? I know it is tempting to be approached by some well-known people, but 99,99% of them are fake accounts. When you get this invite don’t rush to accept it, take a moment to check the profile.
Also many fake accounts have the first and last names all in lowercase letters. (But I am not sure why)
If you see that the profile who just sent you an invitation has a Premium account, this could be a good sign that the account is real. Scammers do not spend money on these upgrades, at least I have never seen or heard about any fake profile with a Premium account. But some scammers are clever, they will find a way to work around this.
A LinkedIn profile without a picture is not as trustworthy as a profile with a picture, and the people behind these fake profiles know that. Junior scammers use generic pictures from the internet, mostly from photo databanks. So it’s easy to spot them, because models or actresses do not use a different name just because they want to connect with you on LinkedIn.
The intermediate scammers use pictures from various blogs and sometimes they use the same name of the blog author just to give the impression that they are a legit person. The advanced scammers cut the faces from group photos to avoid detection through a reverse image search.
There is an easy way to spot a many of these profiles with a fake photo, but these require checking the profile on a computer. There are ways to do it on the phone, but you are probably using a LinkedIn app on your phone, so it won’t be easy.
For a reverse image search you can use Google Images and/or TinyEye. Both sites give similar results, but I always start with Google Images and if I am not sure, I try TinyEye or any other similar site.
How to check a photo using Google Images — on a computer you can easily do this:
- Right-click any image you see on a website or in the search results.
- Click Search Google for this image.
- A new tab will open with your results.
If you see that profile picture is used on various sites and it’s not connected with that person (company site, personal blogs, Facebook or twitter account etc.) don’t accept it, just report the account.
Network — connections
Name, profile photo both look legit, but you are still not sure? Check the connections. If you can see only a few, e.g. 47 and two hours after you receive the invitation the profile has 300 connections, it’s probably a fake account that is trying to get at least 500+ to mask the lower number. Of course it could still be a real person who is just very active and only recently joined LinkedIn, but if you are approached by some CEO whom you have never heard of with only 12 connections, it is probably a fake account.
Usually I check for common connections, because if I see that 10 of the 12 are all recruiters it raises suspicion. Most of these scammers start adding recruiters first, they will help to expand the network rapidly, because recruiters have the biggest networks on LinkedIn. Scammers know that and they also know that there is a higher possibility that we are going to accept an invitation from unknown people. Plus, if others receive an invitation from the fake profile and see that they have common connections it looks more legit to them.
Incomplete profile/limited information about work experience
The director of a company just sent you an invitation; when you check his profile you can see only one line of the text about work experience and nothing else. It could be somebody who has not spent time filling in the LinkedIn profile or it could be that you just received an invite from the fake profile. Usually if the profile has only few lines of work experience, like the name of the company and job title, the profile has been created for the sole purpose of collecting email addresses and personal data. So it’s fake.
To save time some of the scammers copy and paste a summary/experience into their fake profile. You can also check the work summary and work experience when you paste this part of the text into a search engine and this could help you to locate real profiles.
Many scammers also try to fill their profiles with lots of keywords just to gain visibility through the LinkedIn built-in search functionality in order to help them attract more people.
If the profile has quite a few recommendations, you can consider them as genuine. Yes, it could still be a fake profile, but more recommendations on the profile often means that its real, because even scammers are not going to create five other profiles just to add five recommendations to the sixth one. It’s time consuming and in this scam business, the old saying “time is money” is just as valid as any other business.
Fake profiles often have few or no endorsements. Yes, a few people accidently endorse them even if they don’t know them. Or they endorse the scammer because the scammer profile has endorsed them so they feel the need to return the favor. But many fake profiles have a limited list of skills and endorsements. If you see somebody with 99+ endorsements for some skill, the profile should be real.
Our small Scammer Test — What We Did?
We accepted most of the fake invites and we waited to see what would happen. Occasionally we started communicating with these fake profiles, because we wanted to learn more. During our discussions we customized the email addresses, websites or URLs in inMails so that we could track the location where the email address or URL was opened (IP, City, Country), and how many times that person opened the e-mail, visited the website etc. Most scammers were using their own IP address, a few were using some VPN solution and a handful were using TOR.
And what did we learn from this test?
- Companies/individuals use live e-mail address for marketing purposes. The scammers are collecting e-mail addresses that people are really using (in many cases). Most of the profiles we accepted collected our e-mail address, so we started receiving more newsletters/spam, offers from online training providers, and services.
- They contact you to ask you for your help. So after you get this inMail (see James Burns inMail) or any variant of it, don’t respond, and make sure you delete the connection. If you get this inMail expect the usual advance-fee scam (419 scam).
- My favorite one is “Nigerian astronaut lost in space needs $3m to get home”
- Hackers also use fake profiles to target victims so that they can gain access to internal networks. Be very cautious when you receive a URL or file with the heading: “Check out this great article/story.” etc. This URL or file could infect your computer with some nasty ransom-ware or Trojan virus. We also got few files containing viruses, malware etc. (Thanks to KIS from Kaspersky we were able to identify them).
- Scammers are also learning your network for future scams, so it’s wise to turn off connection visibility.
- Some recruitment agencies create fake profiles in order to get candidates’ contact details easily, without the need to pay for a premium account. There is better chance that you will accept an invitation from somebody with similar experience to you than from a recruiter from that agency. Also if candidates see a common connection, that the new “colleague” also has in his network (same recruiters, colleagues etc.) as they do, it raises the possibility that they will accept the invitation from the scammer.
- Some companies use one profile for many recruiters, so if one recruiter leaves the business somebody else can continue with the profile. Sometimes they just use a general promotional profile for the company/agency.
There are many other reasons for creating fake profiles, but it would be a very long article if I listed them all.
What surprised us
- Since my friends and I are in the Czech Republic, we were targeted mostly by scammers from the Czech Republic. But I was surprised that some profiles with Czech names were created in Nigeria and other parts of Africa, so yes we live in a small world. :)
- I was also surprised by some of the Czech recruitment agencies behind some of these fake profiles. I know it’s fast way to get the contact details from a developer (one friend) or a CAD designer (second friend). But really?
What can you do about false profiles
It’s great to have the LinkedIn app on the phone. It helps us to communicate very effectively over the phone, but this app is also our weakest link in our fight against scammers. When you get a new invite on your phone it’s very easy to hit the “accept button”, without checking the profile. And it’s difficult to check for fake photos and other information on the phone. Don’t forget that you don’t have to accept every single invitation immediately. If you are not sure, give it a few days before you accept it. I know, accepting an invitation from Elon Musk, Bill Gates etc. is tempting. But don’t worry, even after five days the invitation will still be there, and when you visit the profile after five days, it could already be blocked or removed.
If you find a fake profile, LinkedIn has a function for reporting them. So you report them and decline their invitation, it’s simple. If you don’t know that person or you are not sure if the person is real, don’t confirm it. Don’t forget that when you accept the invitation you are helping the scammers to spread across LinkedIn.
When people in your network see that you are the common friend of the new contact (fake profile), it increases the chance that they will also accept the invitations from that scammer.
Be careful about invitations and always be skeptical.
Originally published at LinkedIn