The head of British intelligence agency MI5, Ken McCallum, warned last week of attempts by cybercriminals from hostile countries to obtain data via social networks. McCallum described the activity as being on "an industrial scale". During the last five years, at least 10,000 British citizens with access to sensitive information were approached by malicious profiles connected to hostile entities.
The BBC reported that although he did not say it specifically, the platform that McCallum was referring to is the social and business network LinkedIn. According to the report, the citizens who were approached included staff from almost all government departments and major industries. The main method of operation was attempted recruitment or offers of business trips, with the meeting itself intended to trick them into providing the sensitive data.
The Centre for the Protection of National Infrastructure, which belongs to MI5, recently kicked off a campaign called "Think Before You Link", intended to educate public servants on proper use of social networks. "Criminals and hostile actors may act anonymously or dishonestly online in an attempt to connect with people who have access to valuable and sensitive information," said a message on the campaign's website, which also provides advice on identifying and minimizing threats. "No-one is immune to being socially manipulated into wrongdoing through these approaches."
It should be mentioned that about two years ago a former CIA agent named Kevin Mallory was convicted of espionage for China, and was sentenced to 20 years in prison after being initially approached by hostile Chinese entities on LinkedIn. The company welcomed the campaign and said "Teams at LinkedIn work to keep LinkedIn a safe place where real people can connect with professionals they know and trust."