Tuesday, August 18, 2015

Ders Gold in Dem Dar Profiles

Photo 1: LinkedIn contacts list (click 2 expand)
I typically receive a few people a week outside of security that send me invitations to connect.  More regularly, the people that connect with me work in the application security and software development.  This week was unusual, I received ten connection requests from individuals employed by a company called Selling Simplified.  I had a sneaking suspicion my profile was being mined but I like to give everyone the benefit of the doubt.

To begin I thought I would investigate the companies home page.  The company does have a web page online.  I wanted to get some idea if this was a real company or not.  I checked out the jobs page.  I didn't notice many job openings but there were a few.  Then I review their leadership page.  Several company leaders are listed with bios.  There are also many blog posts.  My initial impression is that it's a legitimate business.  Next, I opened a couple of the Selling Simplified profiles.

Photo 2: LinkedIn profile detail





Photo 2 is one of the LinkedIn profiles expanded.  There's a name, a position, some skill endorsements, but as I scroll down the screen no employment history.  I serious doubt this is a real LinkedIn profile belonging to a person.  It's likely part of an automated tool to mine contact data.  I have about 2800 contacts but I don't share them.

Photo 3: LinkedIn protecting contacts
The company focus appears to be "lead generation".  Apparently, my friends and I are targets to bolster Selling Simplified lead generation database.  I'm betting mining with bots like this is against LinkedIn's terms of service.  Still there is no guarantee this activity is sanctioned by the company or the work of a script savvy sales agent.  In the event your profile gets minded, protect your professional contacts by adjusting the setting as shown in Photo 3.

You can also protect your contacts by only allowing your closest friends to join; however, I find this an impractical strategy.  I receive many connection requests from people I don't know very well but like to follow security news.  If a close friend desires to be introduced to one of your contacts they can ask.  The lesson here is to be aware of your contact requests, follow your hunches, and keep contact sharing turned off on your profile.


Share It!