Small Business

Fake LinkedIn Requests: How to Spot Them

By Rick Broida

Updated on: August 16, 2010 / 10:27 AM EDT / MoneyWatch

A couple months ago I showed you the anatomy of a phishing e-mail. The sample I used was a pretty obvious fake, one that most users (I hope) would spot right away.

This one, however, almost got me:

As you can see, it's a dead ringer for a real LinkedIn invitation, the kind I receive every few days. And I almost clicked it, but a couple telltale signs raised flags:

I don't know anyone named Alana Mcpherson.
I've never heard of Interbrand.
This request was one of five, all of which arrived within minutes of each other, all from names I didn't recognize, and all from Interbrand.

And, sure enough, when I moused over the embedded LinkedIn link, the URL that popped up was some weird .info address.

If I'd clicked one of the links, I might have fallen victim to a "drive-by" malware infection (which can occur just by visiting a particular Web page). Or I might have been asked to supply some personal info (which I never would, of course, but that's only because I know better).

The moral of the story, as always: look before you leap, and think before you click.