It was recently discovered that job postings on LinkedIn aren’t as secure as you might expect. Anyone with a LinkedIn profile can anonymously create a job posting for nearly any small or medium-sized organization. The person creating the post does not have to prove whether or not they are associated with that organization. This means that a cybercriminal could post a job opening for a legitimate organization and then link applicants to a malicious website.
Worse still, cybercriminals could use LinkedIn’s “Easy Apply” option. This option allows applicants to send a resume to the email address associated with the job posting without leaving the LinkedIn platform. Since the email address is associated with the job posting and not necessarily the organization, cybercriminals can trick you into sending your resume directly to them. Resumes typically include both personal and professional information that you do not want to share with a cybercriminal.
Follow the tips below to stay safe from this unique threat:
- Watch out for grammatical errors, unusual language, and style inconsistencies in LinkedIn job postings. Be suspicious of job postings that look different compared to other job postings from the same organization.
- Avoid applying for a job within the LinkedIn platform. Instead, go to the organization’s official website to find their careers page or contact information.
- If you find a suspicious job posting on LinkedIn, report it. To report a job posting, go to the Job Details page, click the more icon, and then click Report this job.
Thank you to the Know Be4 Security Team for these helpful tips!