Someone has recently created a large number of fake LinkedIn profiles for Chief Information Security Officer (CISO) roles at some of the world’s largest corporations. It’s not clear who’s behind this network of fake CISOs or what their intentions may be. But the fabricated LinkedIn identities are confusing search engine results for CISO roles at major companies, and they are being indexed as gospel by various downstream data-scraping sources.
We've had a couple of reports earlier this year from a large financial client that their staff have been targeted with urgent, out-of-hours requests from 'senior execs' at their company to buy gift cards - supposedly for client gifts. The scam is that they use these fake Linkedin profiles to provide credibility and messaging directly to the, usually, junior member of staff and get them to buy high-value gift cards and send the codes to the scammer. These are then cashed in remotely.
The couple of attempts didn't succeed as the staff were too wary and called someone else for verification.
Read the full story at Brian Krebs