Responding to a recent surge in AI-generated bot accounts, LinkedIn is rolling out new features that it hopes will help users make more informed decisions about with whom they choose to connect. Many LinkedIn profiles now display a creation date, and the company is expanding its domain validation offering, which allows users to publicly confirm that they can reply to emails at the domain of their stated current employer.
LinkedInβs new βAbout This Profileβ section β which is visible by clicking the βMoreβ button at the top of a profile β includes the year the account was created, the last time the profile information was updated, and an indication of how and whether an account has been verified.
LinkedIn also said it is adding a warning to some LinkedIn messages that include high-risk content, or that try to entice the user into taking the conversation to another platform (like WeChat).
βWe may warn you about messages that ask you to take the conversation to another platform because that can be a sign of a scam,β the company said in a blog post. βThese warnings will also give you the choice to report the content without letting the sender know.β
In late September 2022, KrebsOnSecurity warned aboutΒ the proliferation of fake LinkedIn profiles for Chief Information Security Officer (CISO) rolesΒ at some of the worldβs largest corporations. AΒ follow-up story on Oct. 5Β showed how the phony profile problem has affected virtually all executive roles at corporations, and how these fake profiles are creating an identity crisis for the businesses networking site and the companies that rely on it to hire and screen prospective employees.
Reporting here last month also tracked a massive drop in profiles claiming to work at several major technology companies, as LinkedIn apparently took action against hundreds of thousands of inauthentic accounts that falsely claimed roles at these companies.
For example, on October 10, 2022, there were 576,562 LinkedInΒ accounts that listed their current employer asΒ Apple Inc. The next day, half of those profiles no longer existed. At around the same time, the number of LinkedIn profiles claiming current roles at Amazon fell from roughly 1.25 million to 838,601 in just one day, a 33 percent drop.
For whatever reason, the majority of the phony LinkedIn profiles reviewed by this author were young women with profile photos that appear to have been generated by artificial intelligence (AI) tools.
βWeβre seeing rapid advances in AI-based synthetic image generation technology and weβve created a deep learning model to better catch profiles made with this technology,β LinkedInβs Oscar Rodriguez wrote. βAI-based image generators can create an unlimited number of unique, high-quality profile photos that do not correspond to real people.β
It remains unclear who or what is behind the recent proliferation of fake executive profiles on LinkedIn, but likely they are from a combination of scams. Cybersecurity firm MandiantΒ (recently acquired byΒ Google)Β told BloombergΒ that hackers working for the North Korean government have been copying resumes and profiles from leading job listing platforms LinkedIn andΒ Indeed, as part of an elaborate scheme to land jobs at cryptocurrency firms.
Identity thieves have been known to masquerade on LinkedIn as job recruiters, collecting personal and financial information from people who fall for employment scams.
Also, fake profiles also may be tied to so-called βpig butcheringβ scams, wherein people are lured by flirtatious strangers online into investing in cryptocurrency trading platforms that eventually seize any funds when victims try to cash out.
On October 10, 2022, there were 576,562 LinkedIn accounts that listed their current employer as Apple Inc. The next day, half of those profiles no longer existed. A similarly dramatic drop in the number of LinkedIn profiles claiming employment at Amazon comes as LinkedIn is struggling to combat a significant uptick in the creation of fake employee accounts that pair AI-generated profile photos with text lifted from legitimate users.
Jay Pinho is a developer who is working on a product that tracks company data, including hiring. Pinho has been using LinkedIn to monitor daily employee headcounts at several dozen large organizations, and last week he noticed that two of them had far fewer people claiming to work for them than they did just 24 hours previously.
Pinhoβs screenshot below shows the daily count of employees as displayed on Amazonβs LinkedIn homepage. Pinho said his scraper shows that the number of LinkedIn profiles claiming current roles at Amazon fell from roughly 1.25 million to 838,601 in just one day, a 33 percent drop:
The number of LinkedIn profiles claiming current positions at Amazon fell 33 percent overnight. Image: twitter.com/jaypinho
As stated above, the number of LinkedIn profiles that claimed to work at Apple fell by approximately 50 percent on Oct. 10, according to Pinhoβs analysis:
Image: twitter.com/jaypinho
Neither Amazon or Apple responded to requests for comment. LinkedIn declined to answer questions about the account purges, saying only that the company is constantly working to keep the platform free of fake accounts. In June, LinkedIn acknowledged it was seeing a rise in fraudulent activity happening on the platform.
KrebsOnSecurity hired Menlo Park, Calif.-based SignalHire to check Pinhoβs numbers. SignalHire keeps track of active and former profiles on LinkedIn, and during the Oct 9-11 timeframe SignalHire said it saw somewhat smaller but still unprecedented drops in active profiles tied to Amazon and Apple.
βThe drop in the percentage of 7-10 percent [of all profiles], as it happened [during] this time, is not something that happened before,β SignalHireβs Anastacia Brown told KrebsOnSecurity.
Brown said the normal daily variation in profile numbers for these companies is plus or minus one percent.
βThatβs definitely the first huge drop that happened throughout the time weβve collected the profiles,β she said.
In late September 2022, KrebsOnSecurity warned about the proliferation of fake LinkedIn profiles for Chief Information Security Officer (CISO) roles at some of the worldβs largest corporations. A follow-up story on Oct. 5 showed how the phony profile problem has affected virtually all executive roles at corporations, and how these fake profiles are creating an identity crisis for the businesses networking site and the companies that rely on it to hire and screen prospective employees.
A day after that second story ran, KrebsOnSecurity heard from a recruiter who noticed the number of LinkedIn profiles that claimed virtually any role in network security had dropped seven percent overnight. LinkedIn declined to comment about that earlier account purge, saying only that, βWeβre constantly working at taking down fake accounts.β
A βswarmβ of LinkedIn AI-generated bot accounts flagged by a LinkedIn group administrator recently.
Itβs unclear whether LinkedIn is responsible for this latest account purge, or if individually affected companies are starting to take action on their own. The timing, however, argues for the former, as the account purges for Apple and Amazon employees tracked by Pinho appeared to happen within the same 24 hour period.
Itβs also unclear who or what is behind the recent proliferation of fake executive profiles on LinkedIn. Cybersecurity firm MandiantΒ (recently acquired byΒ Google)Β told Bloomberg that hackers working for the North Korean government have been copying resumes and profiles from leading job listing platforms LinkedIn and Indeed, as part of an elaborate scheme to land jobs at cryptocurrency firms.
On this point, Pinho said he noticed an account purge in early September that targeted fake profiles tied to jobs at cryptocurrency exchange Binance. Up until Sept. 3, there were 7,846 profiles claiming current executive roles at Binance. The next day, that number stood at 6,102, a 23 percent drop (by some accounts that 6,102 head count is still wildly inflated).
Fake profiles also may be tied to so-calledΒ βpig butcheringβ scams, wherein people are lured by flirtatious strangers online into investing in cryptocurrency trading platforms that eventually seize any funds when victims try to cash out.
In addition, identity thieves have been knownΒ to masquerade on LinkedIn as job recruiters, collecting personal and financial information from people who fall for employment scams.
Nicholas Weaver, a researcher for the International Computer Science InstituteΒ atΒ University of California, Berkeley, suggested another explanation for the recent glut of phony LinkedIn profiles: Someone may be setting up a mass network of accounts in order to more fully scrape profile information from the entire platform.
βEven with just a standard LinkedIn account, thereβs a pretty good amount of profile information just in the default two-hop networks,β Weaver said. βWe donβt know the purpose of these bots, but we know creating bots isnβt free and creating hundreds of thousands of bots would require a lot of resources.β
In response to last weekβs story about the explosion of phony accounts on LinkedIn, the company said it was exploring new ways to protect members, such as expanding email domain verification. Under such a scheme, LinkedIn users would be able to publicly attest that their profile is accurate by verifying that they can respond to email at the domain associated with their current employer.
LinkedIn claims that its security systems detect and block approximately 96 percent of fake accounts. And despite the recent purges, LinkedIn may be telling the truth, Weaver said.
βThereβs no way you can test for that,β he said. βBecause technically, it may be that there were actually 100 million bots trying to sign up at LinkedIn as employees at Amazon.β
Weaver said the apparent mass account purge at LinkedIn underscores the size of the bot problem, and could present a βreal and material changeβ for LinkedIn.
βIt may mean the statistics theyβve been reporting about usage and active accounts are off by quite a bit,β Weaver said.
apple-plus-16-1200
Whether using the internet for play or work, you want to spend your time online enjoying the peace of mind that comes with having a secure network.Β
You donβt want to contend with someone taking your personal data β whether itβs credit card information, passwords, or bank account details β via malware or a data breach on your Android, Windows, or Apple iOS device.Β
Fortunately, with some sensible precautions and simple steps, you can use your connected devices productively without worrying about cybercriminals and malicious software. This article explains how to stop hackers from getting access to your sensitive data.Β Β
You can take steps to protect your different computing and mobile devices and operating systems. These steps can be divided into technological solutions and the right awareness and information to provide a comforting measure of self-protection.Β
Itβs like learning karate for self-defense, giving you confidence as you negotiate the wider world (and hoping that you never have to use it).Β
When it comes to identity protection software, McAfee provides a proven solution with our identity protection and privacy services. The protection includes alerts if your sensitive information is found on the dark web (up to 10 months sooner than other providers), personal data cleanup from sites gathering and selling your information, and an unlimited virtual public network (VPN) service that protects your privacy as you use public Wi-Fi networks.Β
Youβll also get up to $1 million in identity theft coverage and hands-on restoration support to help you reclaim your identity.Β Β
Simple, obvious passwords and passcodes (like your street address, your birthday, your kidsβ or petsβ names, or β1234β or βabcdβ) are easy for cybercriminals to crack, giving them unwanted access to your private data.Β
The stronger your password, the better your protection. Some best password practices include:Β
Itβs important not to be a standing target. Just as you should use different passwords for everything, you should regularly change your passwords. You should do this a few times a year (although some cyber experts say this might not be necessary if you have a long and very complicated password).Β
If you have a number of passwords that you update often, it might be worth getting a password manager like McAfee True Key to keep track of them. Not only will you not be faced with remembering all your different passwords or writing them down (also a no-no), but it can also help you create and store unique passwords.Β Β
The software uses the strongest encryption algorithms available to protect your passwords, scrambling them so no one else can access them. Itβll also suggest new passwords and automatically log you into your online accounts with just one master password.Β
Another important line of defense is multi-factor authentication (sometimes known as two-factor authentication). This system uses a password and a second piece of verification β often an SMS message sent to your Android device or iPhone β to authenticate your identity.Β
This provides hard-to-beat protection even if a hacker has your password. Besides receiving SMS codes, there are also code-generating apps and physical security keys.Β
Thinking before you click on an email or text is a very important defense against phishing scams. Your bank wonβt send you an email or text notifying you that thereβs been suspicious activity on your account.Β Β
Does getting a large refund from your phone company sound too good to be true? It is. Similarly, the Internal Revenue Service (IRS) wonβt text to tell you that you owe them money, and princes arenβt going to give you a fortune out of the blue.Β
Internet users beware: If youβre not absolutely certain that the text message you received is from a legitimate and trusted source, delete it. You can always contact the business or person directly to confirm that the message is legit.Β
Any operating system or app you use is open to malicious cyberattacks. This is why you should keep all your software up to date with the latest versions. Software developers are continually fixing holes in their products and offering cybersecurity patches to make them as safe and hacker-proof as possible.Β
Make sure your software, firmware, and security settings are up to date on your homeβs Wi-Fi router, as well. You can often change your settings to allow for automatic updates.Β
Sure, who doesnβt like to go to a cafe, library, or hotel lobby to use the free Wi-Fi? But security is often weak in these public networks. If you open your online banking account or access personal information, you may unwittingly be giving a personal invitation to eavesdropping cybercriminals.Β Β
This is where the bank-grade level of protection of McAfee Secure VPN comes in, which automatically turns on when you need it and keeps you safe on public Wi-Fi networks.Β
Even if your device does get hacked, you can protect vital information on your Windows or macOS system with an encryption program like BitLocker or FileVault. You can protect any hard drive you use, including portable ones and USB keys.Β
Itβs also a good idea to only shop at encrypted websites marked with the prefix βHTTPSβ in their URLs.Β
One of the best ways to surf the web in comfort while keeping hackers at bay is with the comprehensive solutions provided by McAfee Total Protection.Β
Your protection includes proactive measures (meaning weβll guide you to the best choices for prevention), early detection, and expert identity theft support.Β Β
This means youβll get identity monitoring, up to $1 million in identity theft coverage, lost wallet protection, premium antivirus software, a secure VPN, and personal data removal. In particular, our Personal Data Cleanup service will help find and remove your personal information from data broker websites and people search sites.Β Β
With McAfee, you donβt have to be afraid of hackers. Let us deal with them.Β Β
The post How to Stay One Step Ahead of Hackers appeared first on McAfee Blog.
PrivateΒ tech companiesΒ gather tremendous amounts ofΒ user data. These companies can afford to let you useΒ social mediaΒ platforms free of charge because itβs paid for by your data, attention, and time.
Big tech derives most of its profits by selling your attention to advertisers β a well-knownΒ business model. Various documentaries (likeΒ Netflixβs βThe Social Dilemmaβ) have tried to get to the bottom of the complexΒ algorithmsΒ that bigΒ tech companiesΒ employ to mine and analyzeΒ user dataΒ for the benefit of third-party advertisers.
Tech companiesΒ benefit from personal info by being able to provideΒ personalized ads. When you click βyesβ at the end of a terms and conditions agreement found on someΒ web pages, you might be allowing the companies to collect the following data:
For someone unfamiliar with privacy issues, it is important to understand the extent of big techβs tracking andΒ data collection. After these companiesΒ collect data, all this info can be supplied to third-party businesses or used to improve user experience.
The problem with this is that big tech has blurred the line between collecting customer data and violating user privacy in some cases. While tracking what content you interact with can be justified under the garb of personalizing the content you see, big tech platforms have been known to go too far. Prominent social networks like Facebook and LinkedIn have faced legal trouble for accessing personal user data like private messages and saved photos.
The info you provide helps build an accurate character profile and turns it into knowledge that gives actionable insights to businesses. Private data usage can be classified into three cases: selling it toΒ data brokers, using it to improve marketing, or enhancing customer experience.
To sell your info toΒ data brokers
Along with big data, another industry has seen rapid growth:Β data brokers.Β Data brokersΒ buy, analyze, and package your data. Companies that collect large amounts of data on their users stand to profit from this service.Β Selling dataΒ to brokers is an important revenue stream for bigΒ tech companies.
Advertisers and businesses benefit from increased info on their consumers, creating a high demand for your info. The problem here is that companies like Facebook and Alphabet (Googleβs parent company) have been known to mine massive amounts ofΒ user dataΒ for the sake of their advertisers.
To personalize marketing efforts
Marketing can be highly personalized thanks to the availability of large amounts of consumer data. Tracking your response to marketing campaigns can help businesses alter or improve certain aspects of their campaign to drive better results.
The problem is that most AI-basedΒ algorithmsΒ are incapable of assessing when they should stop collecting or using your info. After a point, users run the risk of being constantly subjected to intrusive ads and other unconsented marketing campaigns thatΒ pop upΒ frequently.
To cater to the customer experience
Analyzing consumer behavior through reviews, feedback, and recommendations can help improve customer experience. Businesses have access to various facets of data that can be analyzed to show them how to meet consumer demands. This might help improve any part of a consumerβs interaction with the company, from designing special offers and discounts to improving customer relationships.
For mostΒ social mediaΒ platforms, the goal is to curate a personalized feed that appeals to users and allows them to spend more time on theΒ app. When left unmonitored, the powerfulΒ algorithmsΒ behind theseΒ social mediaΒ platforms can repeatedly subject you to the same kind of content from different creators.
Here are the bigΒ tech companiesΒ that collect and mine the mostΒ user data.
Users need a comprehensive data privacy solution to tackle the rampant, large-scale data mining carried out by big tech platforms. While targeted advertisements and easily found items are beneficial, many of these companies collect and mineΒ user dataΒ through several channels simultaneously, exploiting them in several ways.
Itβs important to ensure your personal info is protected. Protection solutions likeΒ McAfeeβs Personal Data Cleanup feature can help. It scours the web for traces of your personal info and helps remove it for your online privacy.
McAfee+Β provides antivirus software for all your digital devices and a secureΒ VPNΒ connection to avoid exposure to malicious third parties while browsing the internet. Our Identity Monitoring andΒ personal dataΒ removal solutions further remove gaps in your devicesβ security systems.
With our data protection and custom guidance (complete with a protection score for each platform and tips to keep you safer), you can be sure that your internet identity is protected.
The post What Personal Data Do Companies Track? appeared first on McAfee Blog.
apple-1200
apple-1200
apple-1200
apple-1200