IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

LinkedIn Job Offers Surface as Another Vector for Cyberattacks

Job offers sent through the professional network LinkedIn seem to be the latest tool for hackers after personal information.

(TNS) — Hackers don’t always use sophisticated methods of baiting people into clicking on infected links or offering up personal identifying information.

Sometimes it’s simple: A message pops up on the popular professional social network LinkedIn, offering you a job. The job looks appealing and in your area of interest. There’s a link to an online application that asks many of the usual questions.

The trap is laid.

As job applications and professional interactions move primarily online, so do cybercriminals looking to turn a profit. Cybersecurity experts who track rising threats online said they’ve noticed a new trend recently: hackers using fake job postings to dupe people into giving up their full names, dates of birth, Social Security numbers and more.

Millennials, the tech-savvy generation generally defined as anyone born in the 1980s or 1990s, have become the primary targets and victims of these attacks, said Doug Pollack of ID Experts, an identity protection firm.

That’s not typical. Usually, it’s older, less technology-literate users who fall victim to such attacks.

“This is an interesting phenom because you’re dealing with a demographic that is very used to putting their lives online,” Pollack said. “So despite the threats, people in that demographic are much more likely to be very transparent with a lot of personal information and not as paranoid as, say, people in an older generation who aren’t used to being headhunted online.”

These attacks have a high rate of success, experts said, in no small part because there is an implicit level of trust around job applications and using a familiar tool, like LinkedIn, to connect with strangers.

Job recruitment via social media has grown substantially over the past several years, according to a 2016 study by the Society for Human Resource Management. The vast majority of companies surveyed — 84 percent — reported using social media to recruit potential job candidates, up from 56 percent who reported doing so in 2011.

Online resources have become such common tools for job seekers that, according to the Pew Research Center, using the Internet to look for work now rivals personal connections and networking as Americans’ No. 1 source of job information.

“You’re more likely to assume that there’s a level of credibility if you’re using a site that you know and use all the time, like LinkedIn,” Pollack said. “It’s already an environment where you’re almost expecting these kinds of offers and solicitations to be delivered to you. It doesn’t seem abnormal.”

LinkedIn and other social media sites have community standards that forbid deceptive behavior and insist that users do not engage in any illegal activity.

But when cyberattacks pose as legitimate interactions, they can be difficult for companies to identify. Social media companies therefore tend to rely on user reports to root out fraudulent activity.

LinkedIn has a “dedicated team whose responsibility it is to use proactive measures to protect members, in addition to investigating member reports,” spokeswoman Sophie Sieck said.

The company declined to go into detail about the methods used to detect frauds and scams on its social network, citing a concern that revealing its tactics could clue cybercriminals in to how best to beat the system.

On its site, the social media company also outlines signs of a scam to educate its users: Be wary of offers that seem too good to be true, job solicitations that seem impersonal or poorly written, or anyone asking for financial information.

“We encourage our members to report any messages or postings they believe are scams and utilize our member help center as a resource to educate and protect themselves from frauds online,” Sieck said.

But these suggestions belie the reality that many of these phony job applications look and sound just like the real thing.

©2017 the San Francisco Chronicle Distributed by Tribune Content Agency, LLC.