At least one of the fake recruiters, using the name Jennifer White, had received endorsements from new connections for skills that, based on her listed work history, she clearly did not have.
Such endorsements can establish an account's credibility and make it easier for attackers to score additional connections.
A person who endorsed Jennifer White and who works at a large U.S.-based defense contractor admitted that it was "a bad habit to give out such endorsements without really knowing the other person," the F-Secure researchers said.
The people behind the fake recruiting accounts keep the fake identities they create for only about a week, then remove the profile pictures and change the names associated with the accounts.
It's not clear what their end goal is. The campaign could be part of a research project about social media risks that someone plans to disclose at a later time or could be the work of hackers looking to gather information they could use to build targeted attacks against security companies.
According to reports based on documents leaked by former U.S. National Security Agency contractor Edward Snowden, the U.K.'s GCHQ has previously used fake LinkedIn profiles to target network engineers from Belgian telecommunications operator Belgacom.
Regardless of whether this new intelligence-gathering campaign is malicious, the incident should serve as a reminder to employees everywhere that accepting connection requests from unknown persons on social media can be dangerous, and so can detailing your existing work duties in online resumes.