LinkedIn, with its 364 million active users worldwide, has become one of the most popular professional social networking services today. Viadeo, a similar service for French users, also has a steadily growing user base of 65 million. With that many people publishing their work profiles online, it’s only natural for attackers to take notice and do something with that data. In the wrong hands, that type of information can put you or your company at risk.
Here are a number of practical ways to detect if someone is trying to trick you into divulging sensitive company information.
Who would want to trick you on professional social networks?
There are three kinds of people who might be inclined to do so:
These attackers are looking to get any kind of information that they can use to infiltrate your company’s network. They will use social engineering techniques to try to entice you to accept invitations from them. They are also likely to send you emails with malicious attachments or links, both of which will end up infecting your computer with malware. When installed, the malware, which serves as a backdoor, will grant these attackers access to your system and your company’s network. From there, they can do just about anything: steal company secrets, tamper with the infrastructure, and the like.
Using false identities and companies, these people want to befriend you on social networks to get in touch, be really friendly, and slowly gain your trust. Once they manage to do that, they will abuse that trust. They will either ask you to reveal the information they need or let you do the work for them when you share too much about your work or your employer. Competitors can use this information to gain advantage over your company.
These people will want to collect as many contacts as possible. They do this to build whole databases about your company, its employees, and the specific projects they are working on. They use these databases to find the right people to hire away or poach for the right employer.
While their motivations differ, the end goal is always the same: connect to collect. Generally, these people start by sending you an invitation. They will pretend to be co-workers, customers, or a boss. If you accept, they will be able to see your entire profile and have access to your contacts. They want to add you or join the private groups you run so that they can learn as much as possible about your company.
Case study at Trend Micro France
As a huge IT security provider, Trend Micro is often targeted by attackers or aggressive head hunters on social networks.
Recently, we saw a wave of Viadeo invitations arrive at Trend Micro France, all from one Viadeo profile that targeted several employees. The person behind the profile pretended to be an IT manager of 18 years from Trend Micro Australia. This person’s profile was quite empty, and contained only 4 contacts.
The profile says that this person studied at “havard, new yord”, an obvious typo for “Harvard, New York.” This was enough to raise suspicion, and a quick check of the company directory confirmed that there was indeed no employee with the name stated on this mystery profile. Another check was done to make sure that the person was not an ex-employee as well; he was not.
This was a clear attempt to collect contacts and information from Trend Micro.
As an immediate response, an internal alarm was raised about this profile to inform all the employees and avoid any trouble.
What makes a profile suspicious on a social network?
We decided to establish a list of questions you should always ask before engaging anyone or accepting any invitation on a social network:
What should you do when you spot these signs?
Here are a few easy tips:
If, after all this, you’re still unsure about accepting an invitation, it’s best not to. It’s really not a big deal. Better safe than sorry.
Contributor: Cedric Pernet, Trend Micro Threat Researcher