Fake recruiters on LinkedIn are targeting infosec pros
“There’s a group of fake recruiters on LinkedIn mapping infosec people’s networks. Not sure what their goal is yet, just a heads-up to others,” Yonathan Klijnsma, a threat intelligence analyst working at Dutch infosec firm Fox-IT, warned via his Twitter account.
“They will approach you by sending a general recruiter message with a profile picture of an attractive woman,” he then explained their modus operandi. “The job will be relative to your job. They will ‘scout’ a few people (besides you). After about a week they stop sending out new requests, the profile picture is removed and a bit later their name is changed (making it hard to find these people back in your list if it’s big). In about a month the accounts disappear, not sure if on purpose.”
F-Secure’s Sean Sullivan dug a bit into the online presence of these recruiters’ company, Talent Src or Talent Sources, and found an official website that provides no useful information and a skimpy Twitter account that was last updated in January (likely on the date when it was set up).
On LinkedIn, the accounts of the apparently fake Talent Src recruiters note that each one is dedicated to recruiting specific specialists working in a variety of security niches (automotive security, mobile security, etc.).
Also, a reverse image search for each of the images used on the profiles reveals that they have been taken from legitimate LinkedIn and Instagram accounts, and were simply flipped.
It all points to a concerted effort to map security experts’ social connections, but it’s also possible this is someone doing research for a talk on security and social engineering, similar to the highly publicized Robin Sage experiment.