Americas

  • United States

Asia

Oceania

roger_grimes
Columnist

How to stick it to LinkedIn romance scammers

Feature
Jun 06, 20195 mins
FraudSecurity

LinkedIn is becoming a popular channel for criminals to find victims for romance scams. Here's how to identify, report and block those scammers.

hacker linkedin scam romance scam on social media phishing heart
Credit: gazanfer / Getty Images

LinkedIn is one of the last places you might ever hang out looking for love. But it is one of the top three social media sites in the world, so it makes sense that the romance scammers would look there for potential victims.

Still, I was surprised when I recently got a romance scam connection on LinkedIn.

Here’s how I identified the scam and what to do if you find yourself in a similar position. 

How my LinkedIn romance scam began

My LinkedIn romance scam scenario started with a connection request from an unknown person. This is not unusual; I get dozens of requests a day. I weed out non-computer security professionals, with a few exceptions for accountants, auditors and risk managers (since I was once an accountant and I believe that all computer security is about risk management).

In this instance, the person sending me the connection request claimed she was a college student named Remi Collins at Ohio Dominican University, as this image from her LinkedIn profile shows:

grimes romance 1 Roger Grimes

At this point, I wasn’t suspicious of the account at all. I had never heard of a romance scam on LinkedIn, and so I figured she is just one of the many college students that are interested in following me about computer security. But when I researched her profile, I couldn’t find any interest in computer topics, much less computer security, and so I (naively) think that maybe she accidentally joined my network. So, I asked her a question to make sure that she really intended to join my LinkedIn network:

grimes romance 2 Roger Grimes

Warning bells

Her response struck me as strange, but the scam warning bells weren’t yet going off in my head. I looked at her profile picture. Wow, a beauty. Still, no warning bells. I just wondered why a “fashion person” would be interested in computer security. As it happens, one of my co-workers, Jessica Shelton, is a super smart computer security person who happens to be a long-time international fashion runway model. So, it’s possible.

But Remi’s picture was just too fashion perfect. My scam warning bells finally went off … at least enough to check.

So, I did what I normally do when I get a likely romance scam photo. I take a screenshot of it and search for it on Bing and Google. Although I didn’t find the exact photo, both Bing and Google returned a lot of images of World Wrestling Entertainment (WWE) star Stacy Keibler. The LinkedIn profile image is heavily retouched, but looking at the eyes, eyebrows, nose, lips, and, in particular, her smile lines, I was pretty sure I had found the real person. It was frustrating that I couldn’t find the same photo because it meant I did not know for sure if Remi was a scammer.

Setting a trap

Next, I asked Remi if she was a buckeye. If you are familiar with Ohio State University, you know that its students call themselves buckeyes. People from other universities would not. Remi replied that she was a buckeye (see below). I also did research on Remi’s claimed university, and even though it offers over 49 degrees, none are fashion related.

grimes romance 3 Roger Grimes

Remi’s  comeback asking if I was married and had kids convinced me I was dealing with a romance scammer. As a 52-year-old fat guy, my litmus test is this: If an attractive young woman comes on to me, it’s either because she is a romance scammer or a Russian spy. I’m just not that charming.

Game on

I started by replying that I was divorced and lonely to see how long it would take Remi to start professing love (or longing) for me. The answer: under two hours.

Even though in my initial contact I had told Remi that I was computer security expert and just minutes later I was telling her I was a retired, lonely, rich accountant, the scammer on the other side was obviously running too many scams to keep track … or she was just fine with me switching careers.

The screenshot below shows part of our early conversation:

grimes romance 4 Roger Grimes

The “I am widow” claim is frequently used by romance scammers. They pull on your heart strings explaining why a terrific person like themselves is so lonely that they look for love online. Thirty minutes after this exchange, Remi sent this gem:

grimes romance 5 Roger Grimes

At this point my wife and I are cracking up. The conversation, which is too lurid to show here, continued. When I tired of being pursued by Remi, I told “her” that I knew she was a romance scammer and that I was computer security writer and wanted to interview the real person behind Remi.

Our chatting came to an abrupt end.

How to report and block scammers on LinkedIn

On LinkedIn (and nearly any other major social media site), it is easy to report scammers. Go to that person’s LinkedIn profile, choose the More button, and click on Report/Block.

grimes romance 6 Roger Grimes

Report and block scammers on LinkedIn

You can also remove them as a LinkedIn network connection (Remove Connection). Be sure to report them first, then remove the connection, otherwise you cannot as easily report them. I’m not sure how long it takes for LinkedIn to verify the reported scammer, but by the next morning Remi’s profile was no longer active.  

I also reported Remi’s Gmail email address (remico10123@gmail.com) to Google, although Google did not make that easy. I had to use a spam reporting form (which I had to look up in Help) and answer some of the requested information fields incorrectly to submit the block request.

LinkedIn’s popularity means that scammers of all types are trying their luck on the platform. No doubt there will be victims. Use this article to warn people and update your security awareness training programs.

roger_grimes
Columnist

Roger A. Grimes is a contributing editor. Roger holds more than 40 computer certifications and has authored ten books on computer security. He has been fighting malware and malicious hackers since 1987, beginning with disassembling early DOS viruses. He specializes in protecting host computers from hackers and malware, and consults to companies from the Fortune 100 to small businesses. A frequent industry speaker and educator, Roger currently works for KnowBe4 as the Data-Driven Defense Evangelist and is the author of Cryptography Apocalypse.

More from this author