Fake CISO LinkedIn profiles target well-known firms
A large number of fake profiles for chief information security officer (CISO) roles at large well-known corporations are appearing on recruitment network LinkedIn, according to former Washington Post journalist-turned-cyber security specialist Brian Krebs.
Detailing the investigation on his website, KrebsOnSecurity, the cyber sleuth cited the example of Victor Sites who, when you search LinkedIn for the CISO of energy giant Chevron, comes up as the person who holds this position at the firm.
Sites’s profile says he is from Westerville, Ohio and is a graduate of Texas A&M University, yet he is not the actual CISO of Chevron. The person who holds that position is Christopher Lukas of Danville, California. And this, according to Krebs, is one of the many fake accounts plaguing LinkedIn.
Krebs added that the fabricated LinkedIn identities are confusing search engine results for CISO roles at major companies as they are being indexed as gospel by various downstream data-scraping sources.
Google, for example, is also under the impression that Sites is in fact Chevron’s CISO. Krebs tested the search engine to see what results came up by searching “who is chief information security officer at Chevron,” and Victor Sites came up top.
While there wasn’t enough information to point to one single source, Krebs noted that in August the security firm Mandiant told Bloomberg that hackers working for the North Korean government have been “copying resumes and profiles from leading job listing platforms such as LinkedIn and Indeed, as part of a scheme to land jobs at cryptocurrency firms.”
“It’s not clear who’s behind this network of fake CISOs or what their intentions may be,” said Krebs, “but we are certain that these bogus accounts are disrupting search engine results for CISO roles.”
According to Krebs, LinkedIn is aware of a commonality between these bogus profiles because once Krebs clicked on one, the site suggested that he view a number of other ‘fakes’ in the “People also Viewed” column.
In a statement provided by LinkedIn to KrebsOnSecurity, the platform said: “We do have strong human and automated systems in place and we’re continually improving as fake account activity becomes more sophisticated.”