LinkedIn, Think Before You Link
LinkedIn, the professional networking website, is a popular brand that criminals pose as when sending out phishing emails.
These phishing emails are designed to look like they come from LinkedIn but when a user clicks on the links in the email, they are sent to a malicious website designed to steal their login details such as an email address and password. This allows the criminals to access your account and collect personal information. You can add an extra layer of security to your social media accounts by enabling 2-step verification, also known as 2-factor authentication, to help protect your account even if the criminal knows your password. 2-step verification asks for an additional piece of information to prove your identity when logging in, such as a PIN or code.
Criminals may act anonymously or dishonestly online, in an attempt to connect with people who may have access to valuable or sensitive information such as those employed in government, the private sector and academia. They often pose as recruiters or talent agents who will approach users with enticing or ‘unique’ business opportunities for them to gain as much information about the target as possible. Centre for the Protection of National Infrastructure (CPNI) ‘Think Before You Link’ campaign includes practical advice on how to identify these profiles, how to respond and how to minimise the risk of being a target.
CPNI has launched an app which helps to identify fake profiles and report anything they find suspicious. The app includes 4 training modules that would be beneficial to any individual using social networking apps.
The training modules include:
- Recognise the profile – Recognise malicious profiles by teaching you some of the hallmarks that these profiles have.
- Realise the threat – understanding the behaviours that malicious profiles might display, helping you realise the threat they might post
- Reporting a suspicious profile – understanding when you should report and what you need to report when something is suspicious.
- Removing suspicious profiles from your network – sharing the importance of removing profiles from your network and why it is important to deny connection from profiles you haven’t verified.
Search CPNI on Google Play or Apple App store to download the app.