LinkedIn is a popular social network for connecting professionals, and I have an account there. Every day I get an invite to connect with someone. Typically I ignore these invites unless I know the person. But I’ve never received invites to connect from a chair of board of directors of a bank. Till yesterday. So I’ve accepted the invite.
Then I’ve received an LinkedIn email from this woman stating that she had a business proposition for me, and if I was interested, she was ready to explain. She also provided her email that ended in outlook.com. I checked her LinkedIn profile again. Looked legit. She even had a Twitter account with recent tweets in two languages.
I responded that I was ready to hear about this business proposition. Next day I’ve received a long email from her explaining how she had a private client named Lewis Fain who initially deposited €19M in their bank and she helped him to grow the wealth to €22M, but unfortunately he died in a car crash. She’s ready to wire transfer me the money, in one condition: we’d split the amount in half so she could improve the wellbeing of her family. She also asked me not to ruin her career in the bank if I was not interested.
At this point it was clear that it was a new type of a scam that involved creating fake LinkedIn accounts and impersonating themselves as someone else. Still I decided to continue my treasure hunt and responded to my fake banker asking her to send me any email from her bank email account. She responded again, stating that she understood my concern, but couldn’t use her bank email for such a delicate matter. But to establish trust, she attached a photo of her bank ID.
At this time I had enough of materials for this blog and responded wishing her good luck in finding another heir of poor Lewis Fain. Then I decided to report this scam to LinkedIn. To my surprise this banker was not in my connections list any longer. I searched by her name in LinkedIn, and found the account of that banker, the profile looked different and she didn’t have any connections.So either someone else reported this as a stolen account, or the con artists have removed it programmatically. I’ve reported this account to LinedIn anyway.So beware of LinkedIn initiated scams.
One more warning. Even if this banker would have sent me an email from the account that ended with the bank name, this would not be enough. Being a programmer, I can easily write a program that would send an email with any address in the “Reply To” field. Here’s how a fragment of the Java code to wannabe con artists:
Message emailMessage = new MimeMessage(session); emailMessage.setFrom(new InternetAddress("MaryLou@thefakebank.com")); emailMessage.setRecipients(Message.RecipientType.TO, InternetAddress.parse(emailRecipient, false)); emailMessage.setSubject(emailSubject); emailMessage.setSentDate(new Date()); emailMessage.setText(emailText);
So if you want to confirm someone’s identity, you need to send an email to the provided email address and receive a response back. Hope this helps.