A group of fraudsters have been using LinkedIn to lure unsuspecting users into cryptocurrency schemes; and these fraudsters now pose a “significant threat” to the platform and consumers, according to Sean Ragan, the FBI special agent in charge of the bureau’s Northern California offices in Sacramento and San Francisco.
In an interview with CNBC, Ragan said, “This type of fraudulent activity is significant, and there are many potential victims, and there are many past and current victims.”
Here’s a general overview of the LinkedIn/crypto scam:
- A fraudster creates a fake professional file on LinkedIn.
- He/she engages other LinkedIn users in small talk, via LinkedIn messaging.
- The fraudster offers the LinkedIn member a chance to make money through a crypto investment.
- The fraudster then steers the same LinkedIn member to a sound crypto investment, as a means of initially building trust.
- After a grace period, the fraudster will direct the same LinkedIn member to a crypto site, controlled by the fraudster; and from there, funds are eventually drained from the unwitting victim’s account.
According to CNBC, the victims tended to believe the investment opportunities were legitimate, saying that LinkedIn is a trusted platform for business networking.
“So, the criminals, that’s how they make money, that’s what they focus their time and attention on,” explained Ragan.
He added: “And they are always thinking about different ways to victimize people, victimize companies. And they spend their time doing their homework, defining their goals and their strategies, and their tools and tactics that they use.”
Ragan said this particular LinkedIn scam runs different from a long-running scheme, in which the criminal pretends to show a romantic interest in the subject and then persuades the victim into parting with their money.
The FBI confirmed it has active investigations into the LinkedIn scheme, but could not comment on any open cases.
In a statement, LinkedIn acknowledged there has been a recent uptick of fraud on its platform, telling CNBC, “We enforce our policies, which are very clear: fraudulent activity, including financial scams, are not allowed on LinkedIn. We work every day to keep our members safe, and this includes investing in automated and manual defenses to detect and address fake accounts, false information, and suspected fraud.”
LinkedIn continued: “We work with peer companies and government agencies from across the world with the goal of keeping LinkedIn members safe from bad actors. If a member encounters or is the victim of a scam, we ask that they report it to us and to local law enforcement.”
According to CNBC, LinkedIn says it removed more than 32 million fake accounts from its platform in 2021, according to its semiannual report on fraud.
From July to December 2021, its “automated defenses stopped 96% of all fake accounts — that includes 11.9 million that were stopped at registration and 4.4 million that were proactively restricted, the report said. Members reported 127,000 fake profiles that were also removed.”
In a Thursday blog post, LinkedIn cautioned users against sending money to unknown persons and/or responding to accounts with a questionable work history or other red flags, such as poor grammar.
Citing one real-life example: Mei Mei Soe, a Florida benefits manager, says she lost $288,000 — her entire life savings — to a scammer on LinkedIn.
Soe connected with someone whose profile claimed they were a manager at a Los Angeles fitness company. The pair began chatting over LinkedIn and then on a separate messaging app.
“He asked me if I’m on LinkedIn for professional networking or if I’m looking for a job,” Soe recalls. “I never trust anybody, but we began talking and over time he gained my trust.”
Citing the CNBC report, Crypto.com says it immediately takes down accounts that are linked to potential scams.
“We take a proactive approach to managing and protecting against external threats, including scam and phishing campaigns,” read the Crypto statement. “As with all financial transactions, fiat or crypto, it is critical to ensure the account receiving funds is legitimate and its owner is identified and trustworthy prior to the transfer.”