The image above is of a message that I received just a little while ago on LinkedIn.
Now some of you are immediately, going “scam” 😃 If you are in that category, read no more — this post is probably of no use to you. If you thought, even for a fraction of a second, that the message might be legit, then read on … I have a bridge to sell you 😀
Kidding … I don’t sell bridges, I sell specialized services 😀
All kidding aside, this kind of message should be setting off all kinds of alarms if you received it. Here are a few things to note:
- Nobody sends an opportunity just for you — you (nor I) are that special … unless of course, you have a prior relationship with the person who sent you that message. If it’s a stranger, it’s really unlikely that they will seek you — a complete stranger to them — out just to offer you first dibs on a lucrative new project.
- They don’t actually mention any details of the project nor your actual competency that is of interest to them. They simply use vague phrases which might fit anybody and are sending the same message to hundreds (if not thousands) of other “special” people.
- Attachments/links — by now, everybody should be trained not to click on attachments or unknown links from strangers. And yet, it’s surprising how many people simply go ahead and click that link. If you are tempted, don’t! You have no idea where that link leads, or what that document does.
In the case of strange attachments or links, one really good resource that you can use is VirusTotal — it will run any files or URLs that you provide it through over 70 virus scanners and tell you if the source contained any malware.
Of course, you shouldn’t rely just on VirusTotal. For example, when I ran the link from above via VirusTotal, it said there was no known vulnerability. But that’s because the link goes to a OneDrive file which seems to redirect you to download another file. But that requires you to login and I wasn’t going to tempt fate beyond that point 😝
Also, it is possible that the end result is simply a Word file that you need to download and open. And within the Word file might be a macro crafted to do something nefarious. So, the upshot is, unless you know what you are doing, do not open the file, just let it be.
So what do you do if you receive such a message on LinkedIn?
LinkedIn provides a handy report tool right there in the message window. See the three dot icon on the top right of the message window next to the close icon? That opens a menu which has a Report option. Use it — report the person because they probably are sending the same message to so many others and they might not all be as suspicious (or aware) as you 😃
Good luck and stay safe out there — both online and in the real world!
