Employees of the Russian and Chinese secret services, among others, use fake LinkedIn profiles to gain access to "special technological knowledge".
Employees with certain knowledge, influence, or a certain position within the organization are approached via fake profiles of recruiters, but also of consultants, scientists, or fellow technicians. The first contact is made through these profiles. After a few flattering compliments, personal contact follows, for example at a conference or under the pretext of a new job. An attempt is then made to extract confidential – and blackmailable – information. The secret services of Russia and China are trying to steal trade secrets in this way to get their hands on advanced technology.
A fake social media profile can be that of a completely fictitious person, but it can also misuse the identity of an existing person. Often a fake profile is part of a more broadly presented fake company, with a presence on other social media and its own website, so that the company's claims appear "substantiated". A fake social media profile allows a malicious person to make contact with intended targets. They will then try to build trust in order to arrive at a personal conversation.
The misuse of LinkedIn by state actors is not new and is not limited to the states mentioned. For example, in 2020, security firm ESET wrote about social engineering via LinkedIn targeting European aerospace and defense companies and attributed this “possibly” to North Korea. A similar campaign has been described and attributed to Iran by security firm Telsy.
The University advises you to exercise restraint on social media when providing contact details and information about the exact details of your work, research or study. Be aware of who you are friends or connected with online. Choose your digital network with care and be critical about who you add to that network. For more advice, see the NCSC publication (in Dutch) “Kennen ze jou ergens van?”.
If in doubt, always contact CERT-UT.