Beware of Seductive Honey-bots Infiltrating Social Media Apps

Some LinkedIn members were flattered when ‘Keenan Ramsey,’ wanted to connect. After all, Keenan had an impressive resumé, high-flying, contacts and promoted herself as a ‘growth specialist’.

Too bad Kennan was also a suspected spy prowling LinkedIn and Facebook/Meta with an AI-generated photo, one of thousands of honey-bots believed to be hoovering up data and conducting deepfake job interviews. Their goal? Ingratiate themselves into your circle, steal your data and contacts, and possibly even get a job at your company so they can spy on your coworkers and clients too.

LinkedIn profile on social media


Social media: a powerful magnet for spies

Fraudsters are gaming the online interview process by applying for remote-work positions in tech, computer programming, and software-related jobs - some of which would give the criminals access to financial data and corporate IT databases, the FBI Internet Crime Complaint Center warns.

So far, the tech used appears to be crude, however: “In these interviews, the actions and lip movement of the person seen interviewed on-camera do not completely coordinate with the audio of the person speaking,” the FBI said. “At times, actions such as coughing, sneezing, or other auditory actions are not aligned with what is presented visually.”

Social media montage

With more than 800m members across 200 countries, LinkedIn is an ideal platform to make business connections and source talented recruits but there’s an element of risk.

British spy agency MI5 said foreign spies are targeting LinkedIn and Facebook/Meta on an ‘industrial scale’ to gather intelligence about the UK’s national security. MI5 detected more than 10,000 “disguised approaches” from 2021 to 2022. Current and former civil servants are particularly vulnerable targets as are people working in high-tech and academia.

LinkedIn, Facebook/Meta, Instagram, Twitter, and other platforms are all cracking down on fake profiles but with hundreds of millions of users it is difficult to police. 

Beware of Seductive Honey-bots Infiltrating Social Media Apps

SPYSCAPE
Share
Share to Facebook
Share with email

Some LinkedIn members were flattered when ‘Keenan Ramsey,’ wanted to connect. After all, Keenan had an impressive resumé, high-flying, contacts and promoted herself as a ‘growth specialist’.

Too bad Kennan was also a suspected spy prowling LinkedIn and Facebook/Meta with an AI-generated photo, one of thousands of honey-bots believed to be hoovering up data and conducting deepfake job interviews. Their goal? Ingratiate themselves into your circle, steal your data and contacts, and possibly even get a job at your company so they can spy on your coworkers and clients too.

LinkedIn profile on social media


Social media: a powerful magnet for spies

Fraudsters are gaming the online interview process by applying for remote-work positions in tech, computer programming, and software-related jobs - some of which would give the criminals access to financial data and corporate IT databases, the FBI Internet Crime Complaint Center warns.

So far, the tech used appears to be crude, however: “In these interviews, the actions and lip movement of the person seen interviewed on-camera do not completely coordinate with the audio of the person speaking,” the FBI said. “At times, actions such as coughing, sneezing, or other auditory actions are not aligned with what is presented visually.”

Social media montage

With more than 800m members across 200 countries, LinkedIn is an ideal platform to make business connections and source talented recruits but there’s an element of risk.

British spy agency MI5 said foreign spies are targeting LinkedIn and Facebook/Meta on an ‘industrial scale’ to gather intelligence about the UK’s national security. MI5 detected more than 10,000 “disguised approaches” from 2021 to 2022. Current and former civil servants are particularly vulnerable targets as are people working in high-tech and academia.

LinkedIn, Facebook/Meta, Instagram, Twitter, and other platforms are all cracking down on fake profiles but with hundreds of millions of users it is difficult to police. 


Fake LinkedIn profile


Katie Jones: Too good to be true?

Katie Jones, a 30-something redhead, seemed to be well-connected in D.C. power circles with a great job at a think tank and a direct line to a deputy assistant Secretary of State.

Unfortunately, Jones’ profile picture appears to have been created by a computer program and she may be a phantom, several experts told AP. 

William Evanina, director of the US National Counterintelligence and Security Center, said foreign spies routinely use fake social media profiles to target Americans: “Instead of dispatching spies to some parking garage in the US to recruit a target, it’s more efficient to sit behind a computer in Shanghai and send out friend requests to 30,000 targets.”

To complicate matters, deepfake avatars are becoming indistinguishable from reality as technology becomes more sophisticated. A quick check should help you sort the deepfakes from valuable connections. Do the contact’s education and work history connect logically? Are there inconsistencies in dates or locations? Is their information incomplete? LinkedIn has also provided a list of five steps to help determine whether members are spies looking to steal your information.

Social media montage

How to Spot Fake LinkedIn Accounts

1. Are you receiving multiple invites from people in the same company?

Repeat invites are often a sign of fake accounts. Quite often they will use well-known companies such as Microsoft, Oracle, Bank of America, etc. Another giveaway is when you start receiving multiple requests from people with very similar, generic headlines.

2. Suspicious profile image

If a profile photo looks like a stock photo, look it up with Google search by image to see if the picture has been used elsewhere on the web. A generic picture, such as a flower or another random object, can be a sign of a fake profile. A celebrity’s photo or a provocative pose are other red flags. 

3. Little personal info

Does the profile consist of mainly generic statements lacking specificity in the summary and experience sections? Beware, it may be a fake.  

4. Suspiciously attractive members

Being attractive isn’t a red flag but it may be if the person contacting you works in a totally unrelated field and has only a few connections.

5. Premium Members Can Be Fakes Too

Even fake accounts can have Premium LinkedIn membership, so don’t accept an invite without reading the profile.

Read mORE

RELATED aRTICLES

This story is part of our weekly briefing. Sign up to receive the FREE briefing to your inbox.

Gadgets & Gifts

Put your spy skills to work with these fabulous choices from secret notepads & invisible inks to Hacker hoodies & high-tech handbags. We also have an exceptional range of rare spy books, including many signed first editions.

Shop Now

Your Spy SKILLS

We all have valuable spy skills - your mission is to discover yours. See if you have what it takes to be a secret agent, with our authentic spy skills evaluation* developed by a former Head of Training at British Intelligence. It's FREE so share & compare with friends now!

dISCOVER Your Spy SKILLS

* Find more information about the scientific methods behind the evaluation here.