A new article explains how business professionals are beginning to be not-so-professional and seeking to make personal connections. It’s only a matter of time before cybercriminals jump in.
I came across a recent Business Insider article entitled, “The hottest new dating site: LinkedIn.” The title made me laugh… and then when I put my cybersecurity hat back on, the laughing stopped.
According to the article, the author makes a case using some anecdotal and first-hand evidence that businesspeople are looking for love on LinkedIn. She tells the tale of one such professional, Samuela John, who actually made a legitimate personal connection with someone they didn’t know previously. It reads not unlike two people meeting on any other social media platform.
But the danger here isn’t the lack of professionalism - it’s the misuse of the platform’s ability to find and connect people by cybercriminals. Let’s use the Samuela John scenario and look at how cybercriminals could accomplish much the same.
- An unsolicited message was sent to Samuela
- The sender was a 2nd or 3rd degree connection, giving them enough credibility to warrant looking at the message
- The message was about a job offer
Given that we’ve seen plenty of examples of impersonation and account takeovers on social media, what’s to keep a cybercriminal from doing the exact same thing but pointing the intended victim towards a malicious URL?
The answer? Nothing.
Even when on a social media platform dedicated to business, it’s imperative that users be even more vigilant – something taught with new-school security awareness training – as they most definitely aren’t expecting a social engineering attack… which makes them the most vulnerable.
KnowBe4 enables your workforce to make smarter security decisions every day. Over 65,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.