According to SecurityWeek News, the LinkedIn accounts of security specialists have lately been bombarded with connection requests from numerous fake recruiter accounts. Supposedly someone is trying to map out their networks. The fake recruiter accounts follow the same template, using a picture of an attractive woman to lure the specialists in. The same profiles are also sprinkled with buzzwords to appear legit. One funny thing to notice is that these recruiters all “work” for the same company, namely “Talent Source”. According to several news outlets, this is a serious matter.

In my opinion, this is mostly bull. It happens in every industry, not just the security industry. Let’s face it, LinkedIn is one of the most used OSINT resources out there, next to Google. It’s fairly easy to find information on LinkedIn: searching for specific job titles and companies yields great results. Come on, it’s a CV database hooked to a social graph. Of course you will find information there! Tricking people into replying is a great way of finding out whether you can pivot.

It amazes me that this escalated so quickly. The more information we leave out in the open, the easier it gets to abuse that information and draw conclusions from it. By now we should be aware of the dangers of social media. Apparently we’re not. Attackers certainly are. Targeting the security industry is just another tactic from the same problem domain, and I would expect the same tactics to apply when attackers want to spy on other industries. Just to illustrate, on my personal LinkedIn profile I tend to get:

  • Business proposals. These are so über secret that I must keep my mouth shut about them. I got so fed up with them that I started reporting them to LinkedIn. I actually reported my former boss when he sent me a business proposal. Funny thing is, I knew his request was in fact legit.
  • Requests from nice-looking female recruiters wearing sports bras and yoga pants. Funny thing is, they hold degrees from Harvard, Stanford and Oxford. Academic merit and sexiness sure go hand in hand.
  • Emergency cries for help. It appears that banks in particular need my services.
  • Connection requests from people I don’t know, especially people from Asia. More often than not these accounts scream fake.

This happens all the time. In fact, it happens so often that several people have written about it:

Security specialists should know better than to accept these requests, and they often do. The news article doesn’t mention whether the specialists fell for it or not. I just wanted to point out that this kind of attack happens in every industry, not just the security industry.