LinkedIn hit by 419 scammers
Security experts are warning that Nigerian 419 fraudsters have become the latest type of enterprise to join LinkedIn, the business networking site.
This week the site received what's thought to be its first 'advanced fee' fraud attempt in the shape of a letter, said to come from a 22-year-old female from the Ivory Coast.
Unfortunately for the networkers on LinkedIn, the author doesn't want to be added as a contact, but does want their bank account details, she claims to wire them $6.5million.
"Before the death of my father…he called me secretly to his bed side and told me that he kept a sum of USD 6.500 000 in a bank in Abidjan, Cote d'Ivoire," the letter says.
"He also explained…that I should seek for foreign partner in a country of my choice where I would transfer this money and use it for investment purpose."
The message requests bank account name and numbers, and implores the recipient, the potential victim, - to reply to a Yahoo! email address within seven days.
"419 scammers may be hoping that the typical professional on LinkedIn may have more disposable income than the archetypal MySpace or Facebook user, and is potentially a bigger catch," said Graham Cluley, senior technology consultant at Sophos.
"Web 2.0 sites like LinkedIn and Facebook give strangers the ability to contact you, without the defensive umbrella of your corporate anti-spam filter."
Advanced fee fraud, also known as 419 scams after the relevant section of the Nigerian penal code, are a common sight in many computer users' email inboxes.
Typically, they claim to offer a small fortune in the form of a lottery win or inheritance, in exchange for an individual's banking details or payment of a 'handling charge'
Sophos recommended that LinkedIn users who wish to reduce the chances of receiving spam should change their communications settings on the site.
"LinkedIn provides the ability to prevent people from sending you an invitation to connect unless they know your email address or appear in your 'other contacts' list," Mr Cluley said.
"That should cut out a lot of the junk mail arriving at your LinkedIn account and defend against scams such as this one."
Cristina Hoole, a director at LinkedIn Europe, reminded users that the site lets them have "full control" over their networks.
"Users decide who to allow into their networks and which introductions to pass along," she said.
LinkedIn recommended the following best practices when sending and receiving invitations:
· Only accept invitations from people you know and trust.
· Personalise your invitations and messages so that the recipient knows who you are. If necessary, remind the person of how you know each other