Open in app

Sign in

Write

Sign in

LinkedIn, a Scammer’s Paradise

Felix Reznik
7 min readDec 5, 2014

Users Beware!!!

The other day I came across something very peculiar on LinkedIn when I went to look at a company page that I setup earlier.

A while back, I set up a company page for a business that I was planning on launching.

It was just a bare bones page, since I just wanted to lock in the custom URL for the company name. There was no content and barely any information.

But to my amazement, I apparently had 2 employees!?

There were two people from an eastern block country, who setup a LinkedIn account and claimed to be employees of my, still non-existent company!?

When I clicked on them to see who they were, I was unable to see much information as we were not “connected”.

So to understand the absurdity of this; LinkedIn had me verify an email from the matching domain when I set up this company page, I was the “company representative” and the company page “admin”, but I could not see basic information of my two (magically appearing) “employees”.

I don’t know what happened or how they were able to claim that they were employees of a company, when they were not, but I figured there’s got to be an easy fix.

A quick Google search revealed that there is a way I could remove them from being listed as employees but that required us to be connected.

What? So the only way I could remove some random person, who’s intentions I’m not aware of, is to connect with them? Really LinkedIn, really??

I decided to bite the bullet and connect, so that I could remove them. OH WAIT! You can’t!!! In order for me to connect with “my employee” (feel the sarcasm) is to know the email address they use on LinkedIn.

Ok. It was time to involve LinkedIn support. So I emailed them:

“Hi,

I set up a company page: (link)

I haven’t even completely finished setting it up yet and two people started claiming that they are employees. They are not. Please remove them.

They are not connections of mine and thus I cannot contact them or even see their names.

Their profile links are:

(link) and (link)

Thank you”

I received the typical “We received your email and are working on getting back to you, please wait.” Fine. We wait.

Later that day I received:

“Hi Felix,

I’m sorry for not having a quick answer about your issue. I’ve forwarded your message to another group for additional review and advice. We’ll be in contact with you as quickly as possible but your issue may require additional research, which may extend your wait time.

You can always check the status of your ticket by moving your cursor over your profile photo at the top right of your LinkedIn homepage and then selecting “Help Center”. Then click “Support History” in the top left to see the status of any tickets you’ve submitted.

Thanks for your patience.

Regards,

(Rep’s Name)

Customer Experience Advocate”

Fine. We wait.

Nine days later (to be fair this was over the Thanksgiving holiday, so I’m sure the typical response would be at least a day or two faster) I receive:

“Hi Felix,

Thanks for contacting us about this situation. It’s our hope that members keep their information as current as possible. Some members may not visit the site regularly or haven’t had the chance to update their information. In some instances, they may have inadvertently associated themselves with your company when they updated their profile.

We’ll send a courtesy message to this member requesting that they review their profile and update it to reflect their most current information.

Please allow this member an appropriate amount of time to update their LinkedIn profile. If you notice in the future that no changes have been made to this profile, please contact us for the formal False Profile process.

Thanks for helping us make LinkedIn better!

Regards,

(Rep’s Name)

LinkedIn Trust & Safety”

I don’t know what they mean by “an appropriate amount of time” so I suppose that I can try and contact them again next week, but

HOW DOES THIS HAPPEN IN THE FIRST PLACE???????????

How is it that someone can claim to be an employee of any random company without having to verify at least an email? I mean the capability is built into LinkedIn. They had me verify when I set up the page. This must have been some sort of a glitch or a hack, right? Well I had to test this out.

The scary things I learned about LinkedIn

I started by creating a new, random Gmail, email address for John Smith:

I then used it to create a brand new LinkedIn account

Then, I had to pick a company that I wanted to work at. Nike sounded like a cool choice. Position? How about Director of Human Resources. I bet I could get all sorts of personal information from people, if I claimed I was an HR Director, interested in hiring them.

I filled in some of the other profile fields and BAM! Just like that, I was listed as a Nike employee (Director of Human Resources non the less) on their company page.

The way I checked was to log in with my actual account and search for “Director of Human Resources at Nike” and there I was. Notice that it does not show me the name because we are not “connected” and when I tried to connect, I had to know the email that was used on LinkedIn. But that makes sense. I mean Directors are busy people and wouldn’t have their accounts very public, now would they?

But the scam is not yet complete.

As John Smith, the acting Director of Human Resources at Nike, I decided to pray on myself. I sent a connection request to my real account.

Which of course, was also accompanied by an email.

Interestingly, as a Director of Human Resources at Nike, I did not have to have poor old Felix’s email address in order to connect. I mean Felix would be blessed to have the Director of Human Resources at Nike want to connect, right? (yup, feel the sarcasm, again)

Well, when Felix received this email and came to after passing out at the thought of such an honor (I’m quite sarcastic, if you haven’t noticed yet) he gladly accepted.

Now when I went to Nike’s company page, what did I see? My new buddy, John Smith’s face. Everything seems very legit, doesn't it.

HOW HORRIFIC !!!

Anyone who want’s to do harm can do this!!!! Just of the top of my head, I can come up with multiple scenarios that would turn out really bad for most users on LinkedIn.

One could pretend to be ANYONE!

Most people would gladly hand over resumes, fill out applications, provide dates of birth, addresses, social security numbers and copies of driver licenses, to the “Director of Human Resources” looking to hire them.

Some sicko could even lure victims to live interviews where, I don’t even want to think of what could happen there.

I mean really LinkedIn? Not only do you lack the basic security protocols to prevent this, but even when it’s brought to your attention the best you can do is:

“We’ll send a courtesy message to this member requesting that they review their profile and update it to reflect their most current information.

Please allow this member an appropriate amount of time to update their LinkedIn profile.”

In that time, someone can scam, rape and kill hundreds of people!

WAKE THE FUCK UP !!!

I apologize for the cursing, but this really gets me.

I hope this will help you in staying safe. Please be careful and let others know.

BTW. I did delete my fake profile of John Smith. It was meant to illustrate what is possible and not intended to cause any harm. Nike, I’m sorry I used you for my example. You were the first company that popped into my head.

--

--

Felix Reznik

Written by Felix Reznik

70 Followers

Tech lover, Entrepreneur, Marketer, Shark Tank fanboy, Internet addict & Early adopter

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams