Social media is an integral part of our lives, from keeping in touch with friends to finding job offerings online. It’s actually quite surprising on reflection just how much we rely on it day to day.
However, that means that we shouldn’t overlook safe Cyber Security practices on social media, as well as anywhere else on the internet.
In this blog, we’ll be providing an example of the kind of threats you can find on social media, specifically, the recent surge in LinkedIn Phishing scams.
The LinkedIn Phishing scam trend
Scammers are exploiting mass tech industry layoffs and the increase in remote work to target victims with recruitment scams on LinkedIn.
To make matters worse, Oscar Rodriguez, the vice president of product management at LinkedIn, told the Financial Times that these scams are becoming more sophisticated.
This means the risk of Phishing on LinkedIn hasn’t just grown because of increasing frequency, but also complexity.
Typically, scammers are spoofing the pages of legitimate companies to snare victims. They are reaching out to victims via LinkedIn’s messaging system, imitating employers and even creating phoney Skype profiles to conduct follow-up interviews.
In a Community Report released in December 2022, LinkedIn said it detected and removed over 87 million spam or scam messages and nearly 22 million fake accounts in the first half of 2022.
According to the Federal Trade Commission (FTC), consumers reported losing nearly $8.8 billion to fraud in 2022. In the third quarter of 2022, the FTC received 22,325 reports about recruitment scams, with a median loss of $2,000.
What makes the Phishing scams sophisticated?
We suspect that the increase in sophistication of these scams is partly achieved by exploiting AIs like ChatGPT.
This is because scammers can effortlessly come across as more professional and knowledgeable, increasing how trustable they look to unsuspecting victims, by using this AI to write their scripted scams.
It also eliminates the risk of the scammers accidentally creating spelling or punctuation mistakes, which reduces the likelihood of a user noticing the Phishing scam.
To back this up with evidence, let’s test this theory. In the below image, I have asked ChatGPT to create a professional job offering message that is suitable for social medias like LinkedIn… here are the results.
As you can see, this would seem quite believable to any unsuspecting user on the internet, with very few tweaks needed.
To make things worse, all it took me to make that was a Google Account, and a 5-second wait. Additionally, it would’ve been possible for me to modify the results by entering a further command like “make it more casual”.
This is a classic example of how AI like ChatGPT can be used in a slightly more dangerous way, even though it’s a worthwhile note that this AI is capable of many great things too.
We actually made a whole blog on another way this AI could be used in Phishing, which you can find here if you want to check it out.
How can we combat this?
A key point to make here is that these threats (while dangerous) are far worse when the victim isn’t Cyber aware. A simple way of putting it is, you can’t fight what you can’t see!
This is the exact same with Cyber Security, if you aren’t aware of the signs of Phishing for example, then you’ll instantly become prone to Phishing attacks.
However, our most effective solution to this is to simply invest in Cyber Security Training. Regardless of whether you’re an individual or a business, Cyber attacks are indiscriminate, and anyone can be a target.
Even though certain Cyber Awareness schemes such as Cyber Essentials do cost money, in the long-term, it is more cost-efficient to train your employees or yourself in Cyber Security, as the cost of a data breach or leak will be much worse.
If this is something you are interested in, please, take a look at our Cyber Security Training services, which can help you spot any Phishing scam from a mile away!
Also, it goes without saying, simply reading blogs like this one will enhance your awareness of Cyber Security, so please, take a look through our other releases. Lastly, thank you for reading this blog!
