- Cybercriminals are creating thousands of fake LinkedIn profiles with unique AI-generated profile photos, making them harder to detect.
- Although some of these profiles looks completely abandoned, some of them are trying to join invite-only groups.
- Cybersecurity experts stated that some of these accounts are spreading malware, especially infostealers with messages.
We have all seen artificial intelligence’s capabilities when it comes to creating images. However, cybercriminals are using it to create profile pictures of non-existent people and combine them with job descriptions and other information stolen from real profiles on LinkedIn to create fake profiles. These profiles are using uniquely generated photos, which makes them harder to detect.
Almost impossible to detect
Thousands of these fake profiles indicate a new trend, however, researchers are confused about the motive behind this new trend. According to the most common idea, these profiles are attempting to access various invite-only LinkedIn groups. Since group administrators are receiving hundreds of applications, it is very hard for them to spot fake ones. Another popular idea says that these accounts are trying to lure people into investing in crypto scams and other platforms.
However, most of these accounts seem to be passive. They are not being monitored, they are not posting anything and not responding to messages. Some cybersecurity experts stated that they found evidence of notorious hacker groups trying to spread malware by using these accounts among job seekers, especially in the cryptocurrency industry. These accounts can also be used to spread fake news.
KrebsOnSecurity contacted LinkedIn about the issue. According to the announcement made by the popular platform, they are working on new methods, such as domain verification. LinkedIn said,
« This is an ongoing challenge and we’re constantly improving our systems to stop fakes before they come online. We do stop the vast majority of fraudulent activity we detect in our community, around 96% of fake accounts and around 99.1% of spam and scams. We’re also exploring new ways to protect our members such as expanding email domain verification. Our community is all about authentic people having meaningful conversations and to always increase the legitimacy and quality of our community. »