As we all know, social media loves scams!

Don’t Fall Into a LinkedIn Honey Pot!

Hackers use social media to target unsuspecting users searching for connections, job and business opportunities, and more. LinkedIn can be an effective platform for social engineering schemes as its users often inherently trust it more than others due to its focus on careers.

In one scheme, often referred to as “honey traps,” “love traps,” and “sweetheart scams,” LinkedIn users receive connection invitations from accounts displaying individuals accompanied by a message requesting to “become friends” or prompting a discussion about career or collaboration opportunities. The threat actor’s LinkedIn profile typically indicates that the account may have recently been created, as the user has few or no followers or mutual connections. An example of this is shown in the picture below. 

If the target accepts the connection request, the threat actor may send direct messages asking to sync up on other social media platforms or to meet in person while they happen to be visiting the target’s city. 

Once an online relationship develops, the threat actor attempts to convince the target to click on malicious links or download malicious files in order to access the target’s accounts or personal and professional information. Don’t fall for it! It’s best to ignore and block LinkedIn requests from people who are not relevant to your professional career. 

With any questions about this, contact us at Cyber Command.