MI5 warns of foreign agents using LinkedIn to steal information

Some UK government departments are thought to have engaged with fake profiles linked to hostile states

A collection of digital profiles

More than 10,000 British nationals have been approached by fake LinkedIn profiles that are associated with hostile states, according to MI5. 

The UK's security organisation believes that any users that accepted such a request might have been tricked into sharing secrets. 

A campaign has been launched by the Centre for the Protection of National Infrastructure (CPNI) called Think Before You Link, which warns that foreign agents are targeting officials with access to sensitive information. The project shares concerns that once a request has been accepted, the victim's colleagues will be more likely to accept a follow-up request as it looks like they share a mutual acquaintance Nearly all government departments and some key industries are thought to have been targeted by fake LinkedIn accounts. A large number of those approached might have engaged with the profiles that contacted them, which may have offered speaking or business and travel opportunities as ways to extract confidential information. LinkedIn said it "welcomed" the efforts of the CPNI and its Think Before You Link campaign.

Related Resource

The definitive guide to IT security

Protecting your MSP and your customers

The definitive guide to IT security for MSPs - whitepaper from LiongardDownload now

"We actively seek out signs of state-sponsored activity on the platform and quickly take action against bad actors in order to protect our members," the company said in a statement. "Our Threat Intelligence team removes fake accounts using information we uncover and intelligence from a variety of sources, including government agencies." 

While the number of profiles targeting UK officials is alarming, cyber attacks are almost always less sophisticated than people imagine, according to Idax CEO Mark Rodbert.  "Technology is the most common vector, rather than the method, and cyber vulnerability often has more to do with mind-reading acts than complex technological tools," Rodbert told IT Pro.

"Cyber criminals and foreign agents draw heavily from the confidence tricksters of the past, so their methods are often quite straightforward. If you ask someone for their data, you would be surprised at how often they tell you. People make mistakes"

Featured Resources

BCDR buyer's guide for MSPs

How to choose a business continuity and disaster recovery solution

Download now

The definitive guide to IT security

Protecting your MSP and your customers

Download now

Cost of a data breach report 2020

Find out what factors help mitigate breach costs

Download now

The complete guide to changing your phone system provider

Optimise your phone system for better business results

Download now

Recommended

eBay, Apple, Microsoft, Facebook, and Google were phishers’ top targets in 2020
phishing

eBay, Apple, Microsoft, Facebook, and Google were phishers’ top targets in 2020

20 Apr 2021
Data breach exposes widespread fake reviews on Amazon
data breaches

Data breach exposes widespread fake reviews on Amazon

7 May 2021
TsuNAME vulnerability could enable DDoS attacks on major DNS servers
distributed denial of service (DDOS)

TsuNAME vulnerability could enable DDoS attacks on major DNS servers

7 May 2021
What are SSH keys?
cyber security

What are SSH keys?

7 May 2021

Most Popular

KPMG offers staff 'four-day fortnight' in hybrid work plans
flexible working

KPMG offers staff 'four-day fortnight' in hybrid work plans

6 May 2021
16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

29 Apr 2021
How to move Windows 10 from your old hard drive to SSD
operating systems

How to move Windows 10 from your old hard drive to SSD

30 Apr 2021