Beware the Siren Call
Linkedin professionals are increasingly being targeted by honeypot attacks
Am I becoming more attractive? Witty? A man about town? It would certainly seem so, considering the volume of highly educated, young, and attractive Asian women sending me LinkedIn connection requests out of the blue. Seriously though, these attacks, such as a recent one I’ve included below, are examples of the latest trend in Linkedin-based fraud, honeypot attacks.
How to Spot a Honeypot Attack
A honeypot attack is a type of cyber attack in which a hacker creates a fake account (such as on Linkedin) designed to lure unsuspecting victims into providing sensitive information, downloading malware, or incriminating themselves so that they can be blackmailed (not to release your conversations to their wife) as the eventual aim. The term "honeypot" refers to the idea of using something sweet to attract bees, and in this context, the attacker uses something attractive, such as a connection request from a young, attractive woman, to attract victims.
If the novelty of receiving unsolicited connection requests from beautiful women is not enough of a warning for you, other items you can look for include:
New or limited account activity: Honeypot accounts are often new, meaning they have few connections, no profile details, and no recent activity. Sorry, but if you are really an SVP of a cancer research center, I would expect you to have at least one other connection besides myself.
Obsequious connection messages: Be skeptical of overly friendly messages: Honeypot accounts often send overly friendly messages, complimenting you on your profile or work experience. Needless to say, beware of flatters in both your professional life and on Linkedin.
Immediate requests for personal information: Just as on a date or predate, when someone wants to know too much, too soon, about you, it’s a sign to be cautious.
How to Protect Yourself Against These Attacks
Use LinkedIn's privacy settings: LinkedIn has several privacy settings that can help protect you from honeypot attacks. For example, you can choose to only connect with people you know, and you can hide your connections from other users.
It’s too good to be true: In which case it probably is. Delete and move on. Sorry, you (or I) are just not that interesting. Men, switch brains and ask yourself, “Really?”.
By following these tips, you can reduce your risk of falling victim to a honeypot attack on LinkedIn. Remember always to be cautious when accepting connection requests and engaging with other users on the platform. If you suspect that an account is a honeypot, report it to LinkedIn immediately so they can take action (as in this case, it was taken down within a few hours).
Stay aware, stay safe.