If you've been approached by recruiters on LinkedIn for a potential job opportunity, you may want to pay attention to this recent scam.
In a LinkedIn post, a prospective UI/UX Designer attending a University believed she was being interviewed for a position at Splunk, a prestigious software company. She received an email interview invitation and spoke to a 'recruiter' and eventually the 'CIO'.
Then she got the request to link up her credit card so then she could be given 'company funds'. It was in fact a scam and the bad actors were only using her credit card to buy Apple products and other equipment for themselves.
While the victim took immediate action by stopping the shipment, freezing her credit card, and report identity theft to the Federal Trade Commision (FTC), she was still a victim of social engineering. She stated that the threat actors used common language such as, "You're Welcome Splunker!" to sound like these were legitimate employees. She even included a screenshot with a conversation:
Source: LinkedIn
This case the victim came out unscathed, but this can happen to anyone in your organization. It is a must to implement new-school security awareness training to ensure your users know how to spot and report social media scams.
