The payload is triggered when banking employees click a phishing email. This particular campaign targeted employees responsible for the handling of the financial institutions' software and ATM protocols. The malware kicks up a gear with a remote access tool (RAT) that takes snapshots of the targeted computer's screen before sending it back to an offshore hacker. The credentials displayed on the screen is used to siphon money from the bank accounts to the hackers' accounts.
All of the above, entirely rendered plausible when hackers and fraudsters are setting up fake LinkedIn profiles.
Significantly, a lot of the fake, fraudster-led profiles have common themes and follow a specific pattern.
- They predictably use photos of attractive women from stock images. Several profiles also contain pictures of real professionals, in order to seem more convincing.
- The fraudulent accounts assume the identity as a recruiter of a fake firm. Alternatively, they also assume the mantle of being 'self-employed.'
- Lazily, a lot of fake profiles have their content copied from other profiles of real professionals.
- The profiles are littered with keywords, so as to ensure that the profile shows up among the top search results.
Why recruiters, you ask? A lot of LinkedIn users are looking for better employment opportunities or, at the very least, seeking to catch the eye of a recruiter. Posing as a recruiter was the obvious choice for fraudulent users.
The epidemic of fake profiles grew to such an extent that the BBC published a story covering a report by security firm Symantec.
Security researcher Dick O-Brien told the publication: "Most of these fake accounts have been quite successful in gaining a significant network - one had 500 contacts. Some even managed to get endorsements from others."
For its part, LinkedIn is usually adept in suspending accounts that are clearly in violation of certain rules set by the company, including one which decries the creation of fake profiles.
Dell's counter-threat unit identified at least 25 fake profiles which, bemusingly, had links to over 200 legitimate LinkedIn profiles.
The ways to combat phishing campaigns or being wary of fake LinkedIn accounts is through employee awareness training. Adopting sensible caution is always a must, especially when the LinkedIn user contacting the employee isn't one who is known personally. A good practice is to seek out confirmation about the individual by contacting the person's employer directly. Or, as in my case, you might want to do a little "googling" on your own - this has worked great for me.
Sign up for Computerworld eNewsletters.