LinkedIn – Surge of fake profiles and increment of illicit activities

Pierluigi Paganini January 09, 2014

LinkedIn company filed a complaint in San Francisco against unknown hackers responsible for the creation of an impressive amount of fake profiles.

LinkedIn is considered the social network of professionals, its scope is to give the possibility to the users to build their network of business relationship, sharing content of interest and exchanging opinion and suggestion in dedicated discussions.

But LinkedIn represents for hackers and cyber spies an amazing source of information that could be gathered and exploited to conduct cyber attacks like a spear phishing offensive against a group of person sharing similar characteristics (e.g. Employees of the same companies, participant to organization or projects), habits or attitude.

Recently, numerous professionals have focused their interest in the study of these complex networks designing advanced tools able to mine an impressive amount of information on a target profile, one of the most interesting research produced the tool known as FBStalker, a tool created to find a comprehensive amount of data on any Facebook user.

On the other side cybercrime is using automated software to conduct illegal activities on the principal social networking platforms like Facebook and LinkedIn, for example, it has been observed by security expert an increment of scraping practice.

The term scraping refers the practice of extracting information from a web application or a web site, in this case of social networks with the intent to create thousands of fake member accounts copying data from member profile pages.

Fake LinkedIn fake profiles

The scraping is considered illegal by US computer fraud laws and banned by any social network’s user agreement, including LinkedIn’s user agreements and federal. LinkedIn has recently filed a complaint in federal court in San Francisco against unknown hackers responsible for the creation of an impressive amount of fake profiles.

“It has also strained and disrupted the company’s network computers and threatens to degrade the value of LinkedIn Recruiter, a fee-based service used by Fortune 100 companies that’s one of the company’s fastest-growing offerings, according to the complaint.”  reported a post published on Bloomberg.

“It undermines the integrity and effectiveness of LinkedIn’s professional network by polluting it with thousands of fake member profiles,” Jonathan Blavin, a lawyer for the company, said in the complaint.

The extension of fraudulent activities is significant, since May hackers succeeded in the creation of thousands of new fake profiles, in this way they build an entire network of fake account obtaining the access to  hundreds of thousands of member profiles each day.

The principal attacks against LinkedIn exploited the Amazon cloud computer platform reported the complaint, LinkedIn expects to identify the cyber criminals by serving subpoenas on the Amazon service, but I add that the attribution of responsibility is very hard. Recently the interest of hackers against cloud architectures is increased, these platforms are ideal for the launch of cyber attacks financially motivated.

Despite principal hosting cloud providers monitor carefully for abuse of accounts and infrastructures the phenomena are in constant growth especially in US. US is one of privileged countries to host malicious architecture due high availability of its infrastructures.

“You can move your command and control servers to Kazakhstan, but that’s not a very good business decision,” “The U.S. has redundant power, high availability and great peering; these are things all these guys are looking for.” Monnier declared.

Cyber criminals exploit compromised hosting account on cloud infrastructures, or they set up accounts to conduct fraudulent activities. The acquisition of fraudulent accounts is done using a stolen digital identity and payments are executed with stolen credit card or using compromised payment services accounts.

LinkedIn confirmed in the complaint that it is tracking fraudulent activity of the fake profiles and it has already disabled many of them, actually it is seeking a court order blocking the practice and unspecified damages.

“We’re a members-first organization and we feel we have a responsibility to protect the control that our members have over the information they put on LinkedIn,” said Hani Durzy, a spokesman for the Mountain View, California-based company. LinkedIn said it has more than 259 million members.

The problem of fake profiles is just one of the malicious activities conducted by cyber criminals, it is increasing in fact the practice to use social network for phishing activities and to server malware, those activities are set to increase.

Pierluigi Paganini

(Security Affairs –  social networks, LinkedIn fake profiles)

you might also like

leave a comment