- Crypto professionals in LinkedIn are flooded with fake profiles and genuine tools that drain their wallets through malware attacks.
- Victims are lured into clicking links with fake interviews that attack their devices and cryptocurrency wallets.
- Rates of the scam are still on the rise even after LinkedIn deleted more than 80 million fake accounts in 6 months.
Hackers are using LinkedIn to launch scams targeting crypto professionals. Web3 security expert Taylor Monahan shared details about a new social engineering attack on December 28. The concern involves tricking victims by impersonating as workers or recruiters from reputable companies.
Scammers create fake LinkedIn profiles that look professional and convincing. They claim to represent well-known companies and offer attractive job opportunities. These interactions often succeed in capturing the interest of even passive job seekers.
After establishing trust, scammers guide victims through an elaborate recruitment process. They share job descriptions, interview details, and even schedule virtual interviews. The process appears professional, making it harder to detect malicious intent.
How the Scam Operates
Hackers often use legitimate tools like the Willo Video interviewing platform to appear credible. Victims are asked to participate in video interviews. However, during the process, the camera and microphone fail to function.
At this stage, scammers direct victims to click a How to fix link. The link contains harmful instructions that compromise the victim’s device. Once executed, attackers gain control over the victim’s computer. Furthermore, Taylor Monahan explained that the malware behaves differently on Windows, Mac, and Linux systems. Victims are often prompted to restart their browser to fix the issue. This action gives hackers full access to the victim’s system and crypto wallets.
Past Incidents Show Alarming Trends
This LinkedIn scam mirrors past attacks on crypto firms. In one notable incident, hackers targeted employees of Ginco, a Japanese crypto wallet company. They stole $305 million from the DMM Bitcoin exchange using similar techniques. The FBI and Japan’s National Police Agency looked into the breach. The attack also brought out the issue of increased complexities of hackers and the danger of social engineering frauds.
However, LinkedIn has been striving to address the issue of fake profiles on its site. In their 2024 fraud report, LinkedIn revealed they removed over 80 million fake accounts within six months. Automated systems blocked most fake profiles during registration or shortly afterward.
Despite these efforts, scammers continue to find ways to bypass security measures. Experts warn professionals to remain cautious and verify recruiter credentials before engaging further.
Increased Awareness is Crucial
Security experts advise crypto professionals to avoid clicking unfamiliar links. They recommend verifying all communication directly with official company channels. Hackers can quickly take advantage of a single minor loophole to carry out huge strikes.
The case of social engineering scams demonstrates the point that adversaries will continue to evolve as technology progresses. Professionals must prioritize security awareness to protect their assets and personal information. Crypto firms are also urged to improve employee training on cybersecurity. Organizations must adopt stronger security protocols to reduce risks from such scams.
