Websense identifies info-harvesting profile on LinkedIn

Security researchers have discovered a LinkedIn scam profile configured to gain intelligence on LinkedIn users

A LinkedIn scam profile configured to use social engineering techniques to gain intelligence on LinkedIn users has been discovered by security firm Websense.

The malicious profile is being used to view the profiles of intended targets under the guise of "Jessica Reinsch", according to the firm’s security labs.

Any LinkedIn user can see the most recent five users who have viewed their profile, and most users are keen to understand who may have done so.

This is the method used by the attacker to entice LinkedIn users to view their bogus profile, which leads to a dating site.

Websense believes the site was set up to make targeted connections as it is hosted in the same IP range as sites known to host exploit kits.

LinkedIn, used by more than 259 million members in over 200 countries, counts executives from Fortune 500 companies as members and its corporate talent solutions are used by 91 of the Fortune 100 firms.

The search features within the social network provide an easy way for scammers as well as legitimate LinkedIn users to zoom in on their target audience.

The bogus profile subscribes to LinkedIn's Premium Account service, which means that in addition to the basic search filters of location, industry, and language, the attackers can search based on function, seniority level, and company size.

“Although not currently directing users to malicious code, this [Jessica Reinsch] profile is likely to have been set up to make targeted connections,” said Carl Leonard, senior security research manager for Europe at Websense.

“As business profiles are big currency to cybercriminals, it is unsurprising that LinkedIn profiles are now being used to lure users to click on links that could lead to the darker places of the web,” he said.

Leonard believes that this form of information gathering for criminals could be extremely fruitful if organisations do not implement in-line real-time security to flag if a site is infected at the point-of-click.

Security researchers have recongnised that reconnaissance as the first step to most targeted cyber attacks.

This initial phase is used to uncover information that will facilitate the attacker to conduct a later, targeted attack outside the LinkedIn network.



Read more on Hackers and cybercrime prevention