July 13, 2016
Linkedin, The Web's Most Popular Site For Job Search, Haven For Scammers Targeting Job Hunters

Linkedin overtook Craigslist to become the most popular job site online. Along with it came the scams. Criminals are using the site for everything from job to phishing scams.

WAAY reported that the latest scam on Linkedin involves a job scam. Sharlann Houston, a Linkedin user, went to the site to look for work. She said that her friendship with someone she served in the military with was used to try to scam her with the offer of becoming a mystery shopper.

"I got this message that said, 'hey, you received a message from one of your friends on LinkedIn.' So it took me a couple of days to look at it. When I opened it up it was from one of my friends that I was in the military with."
Houston decided to check out the offer for the mystery shopper. She completed a questionnaire and then received a letter from someone claiming to be her new boss. She was to receive a package, as well as a check for $3,000, and she was instructed to cash the check and go shopping. Houston saw the red flags, and she found out her friend's account had been hacked by the bad guys.

WHNT reported that there is a Linkedin phishing scam that is making the rounds. The email that is making the rounds seeks to get the personal information of the recipient of the email including birth date and social security number or financial information like credit card and bank account numbers. The information gathered on Linkedin is being used for identity theft and other fraud schemes.

The emails sent to Linkedin users included vague subject lines, veiled threats towards the person who received it, and a link to a fake Linkedin log in page where users are encouraged to log into their accounts to keep them from getting suspended. The site users are sent to download malware onto their computers that captures user information so that it can be used for identity theft. For this email, the country of origin was Brazil, and it was riddled with grammatical errors.

Motherboard reported that criminal forums have banned a hacker who is linked to both MySpace and Linkedin breaches. Several hackers and data trackers have gained notoriety lately because of these breaches, which dumped the data of hundreds of millions of users from these sites.

A user by the name of Tessa88 offered to sell these data breaches from MySpace and Linkedin for about six bitcoins or around $6,000. The deal to sell the data went sour when the user provided data that had either been tampered with or proven to be false. The forum, InstallsBuyer, wrote out a long complaint against Tessa88 that included apparent chat logs and alternate handles for Tessa 88.

The forum, which is in Russian, banned Tessa 88, and the site demanded a refund since the data wasn't as advertised. Tessa 88 first appeared on the forum in early 2016 and has since earned around $50,000 and $60,000 in fees from the sales of various data breaches. It is believed that the work was actually the work of two people instead of one.

Although scamming is nothing new in the digital world, customer service now plays a significant part in these criminal enterprises, and users can leave ratings and reviews based on their experience. No word has been given yet by either Linkedin or MySpace as to what is being done in order to secure user accounts and avoid data breeches in the future.

[Photo by Slaven Vlasic/Getty Images]