Information Security, Top News

Spies are watching… on LinkedIn

Germany’s spy agency – Bundesamt für Verfassungsschutz (BfV) – has published eight of the most active profiles it says are used on LinkedIn to contact and lure German officials for espionage purposes.

No surprises here – the young professionals the profiles portray are hot, enticing, and fake. BfV alleges that they’re just fronts used by Chinese intelligence to gather personal information about German officials and politicians.

Hans-Georg Maassen, chief at Germany’s intelligence agency (BfV), on Sunday alleged that Chinese intelligence has used LinkedIn to target at least 10,000 Germans, possibly to recruit them as informants.

Reuters quoted the BfV:

Chinese intelligence services are active on networks like LinkedIn and have been trying for a while to extract information and find intelligence sources in this way, [including seeking data on users’ habits, hobbies and political interests].

China denies it all.

Speaking in Beijing on Monday, Chinese Foreign Ministry spokesman Lu Kang said that the allegations are “completely groundless” accusations that amount to “chasing the wind and clutching at shadows.”

We hope the relevant German organizations, particularly government departments, can speak and act more responsibly, and not do things that are not beneficial to the development of bilateral relations.

The BfV identified faked profiles including:

  • “Rachel Li”, identified as a “headhunter” at “RiseHR”
  • “Alex Li”, a “Project Manager at Center for Sino-Europe Development Studies”
  • “Laeticia Chen”, a manager at the “China Center of International Politics and Economy” whose attractive photo was reportedly swiped from an online fashion catalog, according to a BfV official.

Reuters found that some of the profiles were connected to senior diplomats and politicians from several European countries, but that’s it: there’s no way to find out whether any further contact had taken place beyond initial social media “adds.”

According to the Financial Times, the BfV’s report is the result of a nine-month survey of social networks that began in January.

Maassen classified China’s work on LinkedIn as a “broad attempt to infiltrate parliaments, ministries and administrations.”

Chinese intelligence services are using new strategies of attack in the digital space. Social networks, especially LinkedIn, are being used in an ambitious manner to gather information and for recruitment.

The BfV said that establishing contact through social media has been on the agenda of foreign intelligence services for some time:

Information about habits, hobbies and even political interests can be generated with only a few clicks. Chinese intelligence agencies in particular are active on networks like LinkedIn.

According to German media reports, the Chinese intelligence services used fake profiles to contact members of the German and European parliaments, as well as senior military officials and representatives of foundations, lobby groups and consultancies.

Once contact was made, the spies would try to launch a professional exchange of views and information, followed by invitations to conferences and other events in China.

How to fend off LinkedIn lusciousness

  • Don’t friend strangers. If you haven’t met someone in person, don’t accept their request to connect, even if they are a super-hot piece of crumpet.
  • Be careful what you share on social media. Work-related details are a goldmine for phishers, or potential spies.
  • Report imposter profiles. If you suspect a profile is fake, report it to LinkedIn.

Source : Naked Security

Previous ArticleNext Article
Founder and Editor-in-Chief of 'Professional Hackers India'. Technology Evangelist, Security Analyst, Cyber Security Expert, PHP Developer and Part time hacker.