We have had multiple reports of suspicious connection online requests from LinkedIn profiles, falsely claiming to be Aviva employees.
Criminals use social media platforms like LinkedIn to gain extra information on what you do. People with fake profiles could use this information to craft a more convincing phishing email or other tailored social engineering attacks.
We need your help to stop these fake profiles from adding more people. You can do this by:
- Taking your time to assess any new social media profile connection requests- do you know the person in real life? Accepting new connections without checking the profile first can lend legitimacy to fake accounts as other colleagues who receive a request will see that you are also connected.
- Report the fake profile to LinkedIn.
How to spot a fake profile online:
Here are a few tips to help you spot fake profiles on social platforms:
- Positioned as Aviva employees – often senior i.e., directors or managers
- Showing very little activity or detail on their online profiles
- Using stock images on their social media accounts obtained through generic stock image searches
- Living or going to university in other countries to Aviva’s locations.
What to do if you receive a fake social media request:
- Are you able to verify the profile? Do you know the person in real life?
- Check their profile. Is it what you would expect? Is the profile very new or perhaps inactive? Are the images used on the social media accounts consistent? Does something feel off?
- If you’ve accepted a fake profile: report the profile to LinkedIn and remove the connection from your networks.
What to look out for in the future:
- New connection requests using similar tactics
Phishing, phone calls (vishing) or texts (smishing) attempts using details found on LinkedIn.
