Blog

How to ‘Spy’ a Fake Social Media Profile

How to ‘Spy’ a Fake Social Media Profile

Most users of LinkedIn and other social media platforms will check profile basics including the number of online interactions and mutual connections before accepting a request from someone they do not know. If things look kosher, they will move forward with communication.

But, increasingly, sophisticated state-backed groups from countries like Iran, North Korea, Russia, and China have been using social media to steal information through phishing scams or malware. These profiles look like legitimate ones, making it near impossible to ascertain if your new connection is in reality an intelligence operative.

Last year, the UK government said that foreign spies and other malicious actors had approached 10,000 people on LinkedIn or Facebook over 12 months. Often these approaches start on social media apps but move to WhatsApp, email, or Zoom. When closer contact is made, it is easy for these bad actors to hack computers and use social engineering techniques to gain access to personal information.

It is important to note that scam accounts are more common than those connected to state-backed groups. False accounts are often used to sell cryptocurrency and trick people into providing personal information for financial scams.  

Charming Kitten: A State-Backed False Profile

When freelance journalist Anahita Saymidinova received a work offer from Camille Lons, a politics and security researcher on LinkedIn, it seemed genuine. Lons’ profile listed credible work and education histories and used the same profile picture as the one on her other social media accounts. When requested, Saymidinova gave Lons her email address. But when the journalist’s new connection sent her a PDF that said the US State Department had provided $500,000 to fund a research project, Saymidinova started to get suspicious. Then, when her new connection began pressuring for a Zoom call to discuss the proposal, Saymidinova reached out to an expert.

After some research, Amin Sabeti, the founder of Certfa Lab, a security organization that researches threats from Iran, concluded that the Iranian hacking group Charming Kitten was behind the false profile. They had stolen the identity of Camille Lons, a real politics and security researcher, to target Saymidinova, who does work for Iran International, a Persian-language news outlet that has been harassed and threatened by Iranian government officials. According to Sabeti, the group seeks to gain access to people’s Gmail or Twitter accounts to gather private information to then use to exploit other targets. 

LinkedIn Takes Action to Curb False Profiles

Last year, LinkedIn released tools to detect AI-generated profile photos and filters that flag messages as potential scams. It also developed an “About” section for individual profiles that shows when an account was created and whether the account has been verified.The company has identified several signs it looks for when screening for fake accounts, such as leaving messages with super-human speed — a potential sign of automation. Another sign is a mismatch between its IP address and listed location.

However, LinkedIn is only one of the platforms where this form of impersonation is occurring and the company’s attempts to deal with the problem may not be fully effective. When using any social media platform, it is best to stay cautious and keep an eye out for bad actors.

How to Protect Yourself?

1.      Notice odd language and cultural mistakes. You may be able to spot subtle errors in language or cultural behavior that point to a false persona.

2.      Trust your instincts. As with freelance journalist Saymidinova’s situation, there may be something that causes you to question the source of the information. In her case, the too-generous offer of work funded by the US Government gave her pause – and she was right.

3.      Communicate via the platform. Whether your new connection is a legitimate contact, or a false persona created by bad actors, it is a good idea to keep all communication on the social media platform where it began. If you note that your new connection is adamant that you move to email or a video call, take some precautions.

4.     Check them out on another channel. If you met the connection on LinkedIn, consider monitoring them on Twitter, etc to see if the profiles contradict each other. If the profile has been created based on a stolen identity, this may allow you to catch this early.

5.      Work with a security expert. Interfor International develops a personal strategy for each client to proactively defend their interests and mitigate danger on social media. We have the experience and tech tools to spot false profiles and advise you on the best way to handle each situation.