On 29 September, the North Korea-linked cybercriminal group Lazarus targeted a Spanish aerospace company through social media.
The attacker pretended to be a recruiter from Meta and contacted employees via LinkedIn Messaging. This tricked them into believing the message contained a coding challenge or a quiz. However, opening the link would allow a malicious executable to launch.
According to the newest research by NordLayer, half of businesses in the US (52%) experienced at least one LinkedIn scam this year. A request to connect from an unknown person with a suspicious link in the message is the most popular scam (47%). Unsurprisingly, this was the tactic employed by Lazarus, too.
In addition, a damaged reputation (48%) was the leading outcome of LinkedIn scams.
The research also showed that almost half of US companies (43%) are also aware of a scam on LinkedIn using their organisation’s brand name.
“Like in every social media platform, attackers and scammers seek information and money or ruin reputations,” says Carlos Salas, a cybersecurity expert at NordLayer. “We know that employees are considered to be the weakest link in the cybersecurity chain, and LinkedIn has millions of professional accounts, making it an even more appealing target for scammers. So no one should let their guard down, no matter how professional a message might look.”
Salas highlights the need for education: “Social media scams will remain a prominent issue for many years, and with the help of AI, such scams will be even more convincing and professional. Critical thinking and education are essential here.
“Stay informed about the latest scams, phishing techniques, and online threats. Educate your employees about common scams and how to recognize suspicious activities. Regular training and awareness programs can help everyone stay alert and cautious.”
In addition, various tools can come in handy: “Ensure that you and your employees use strong, unique passwords for all accounts. Implement 2FA wherever possible because it adds an extra layer of security by requiring a second verification form to log in.”