CIA agents have fake social profiles

LinkedIn - How spies use fake profiles to establish contact with target persons

Katie Jones was well connected in Washington. Their contacts reached into the highest political circles. No wonder: According to her LinkedIn profile, she had a job at a renowned institute. Incidentally, the red-blonde woman in her thirties was also outwardly attractive. What could not be seen at least at first sight: this woman never existed. Rather, it was one of countless fake accounts on the online platform.

According to experts, the photo of "Jones" was created with the help of artificial intelligence. "I am convinced that this is a fake face," says Mario Klingemann, who has been experimenting with artificially generated portraits for years and who, according to his own statements, has checked tens of thousands of such images. The Californian expert Hao Li points out inconsistencies in the area of ​​the eyes, the unnatural shine of the hair and smeared areas on the left cheek.

The USA accuses China of espionage in particular

The procedure also follows a pattern that is emerging more and more often in social media. "It smells a lot like an operation organized by a state," says Jonas Parello-Plesner, who works for the Denmark-based Alliance of Democracies foundation and who himself was the target of an espionage campaign launched on LinkedIn a few years ago.

William Evanina, who heads the US National Counterintelligence and Security Center, accuses China in particular of targeting American targets with fake profiles on LinkedIn - on a “massive scale”. "Instead of sending a spy to some parking garage in the US to recruit someone, it is much more efficient to sit behind a computer in Shanghai and send friend requests to 30,000 people," he said in a written statement when asked by the AP news agency .

Read here:
Germany threatens to fall further behind in terms of artificial intelligence

This is what makes LinkedIn so risky:

In May, retired CIA agent Kevin Mallory was sentenced to 20 years in prison for allegedly providing information about secret operations to Beijing. The starting point for the man's connections to China was apparently a LinkedIn request from an opposing spy who had initially pretended to be a recruiter.

Unlike Facebook, where the focus is on friends and relatives, for most users, LinkedIn is about maintaining and building a professional network. In this respect, it is not uncommon to share résumés or project ideas with strangers and to establish contacts solely on the basis of the information provided in the profiles. This has not only made the platform a huge job market, but also a treasure trove for spies.

High-ranking contacts make you credible

Western intelligence services are concerned about this development. The responsible institutions in Great Britain, France and Germany have already warned against the scam in recent years.

LinkedIn itself stated on request that it routinely took action against fake profiles. Thousands of such accounts were deleted in the first three months of this year alone. Users are advised to "network with people you know and trust - and not just with everyone".

The Katie Jones profile only had 52 contacts - but they were high enough to be credible. The AP was able to speak to around 40 people who networked with the fictional woman between the beginning of March and the beginning of April. Many of them admitted that they would usually accept all requests on the platform without further scrutiny.

Fatal: accept requests without checking

"I'm probably the worst LinkedIn user in the history of LinkedIn," said economist Paul Winfree, who served in the first year of Donald Trump's presidency in the White House and is currently a candidate for a key post at the Federal Reserve is traded. He seldom logs into the site - and when he does, he usually clicks on "confirm" for all pent-up inquiries. On March 28th, he did the same in the case of "Jones".

Lionel Fatton, who teaches East Asian Studies at Webster University in Geneva, said he hesitated for a moment because he had never met a woman by the same name. "I can remember being cut off," he told the AP. "But then I thought:" What's the harm? "

Also read:
Windows security vulnerability Bluekeep: Another warning

"One is less vigilant"

The expert Jonas Parello-Plesner emphasizes that the potential damage is done in a subtle way. Networking with a profile like that of "Jones" enables its creators to contact them directly, he says. At the same time, other users could view the link as a kind of recommendation. "You are less vigilant and induce others to be less vigilant themselves."

Keir Giles, a Russia expert from the Chatham House Institute in London, also received an inquiry from "Jones". Having recently dealt with an independent espionage case targeting critics of the Russian software company Kaspersky Lab, the request made him suspicious. According to the profile, the woman has worked for years as a Russia and Eurasia expert at the Center for Strategic and International Studies (CSIS) in Washington. And Giles said to himself, if that were true, "then I should have heard from her".

"Jones" profile has since disappeared

The CSIS spokesman Andrew Schwartz confirmed to the AP that "nobody by the name Katie Jones" works for the institute. The "Jones" profile also mentioned a degree from the University of Michigan. But the university said on request that it did not know anything about a person with this name who had obtained a corresponding degree. Shortly after the AP asked LinkedIn to comment, the "Jones" profile disappeared. Messages sent directly to "Jones" - via the online platform and an email address given in the profile - had previously remained unanswered.

From RND / AP