Deepfakes and the 2020 United States election: missing in action?

Watch out for LinkedIn fakes who want to get connected

Despite continued warnings of deepfake chaos during major events, things haven’t worked out the way some thought. Those video deepfakes are bad, and they remain bad. Quite simply, nobody is fooled – or at least, nobody able to make a mistaken snap judgement in a way that matters.

As much as we over dramatise their use in our heads, the video aspect of deepfaking has a long way to go to pull the proverbial wool over our eyes. But it’s a little bit harder to spot an AI-generated image, as you can see on sites such as This Person Does Not Exist, and some people are using these fake images on social media.

When LinkedIn connections go wrong

Two Stanford University researchers, Renée DiResta and Josh Goldstein have found more than 1,000fake Linked In profiles using AI-generated faces.

The story begins with someone sending a message to an individual on LinkedIn. Nothing odd there, except the recipient happens to know their way around AI generated images.

The avatar attached to the profile did indeed turn out to be entirely fictitious; “Keenan Ramsey” does not exist. From there, the pretend people were unearthed doing their thing on LinkedIn.

These “employees” were tagged under various businesses, except those businesses said they didn’t authorize the use of computer generated profile imagery. The researchers digging into this discovered companies selling LinkedIn marketing services. They also offered bot/avatar accounts, which is a no-no from LinkedIn’s perspective.

The long tail of deepfake marketing

It’s somewhat bizarre that people may be making money from selling web generated profile pictures to businesses that could just do it themselves given 10 seconds and a web browser. It’s also bizarre that nobody at any point in this daisy-chain of fake people’s profiles seems to know exactly where, or how, or why any of this has been happening. Who is responsible? What are these accounts doing besides perhaps bolstering employee count numbers?

A very good question.

For now, it may be worth paying close attention to random messages and/or connection requests on LinkedIn. Is the person at the other end who they claim to be, or a business-realm fakeout? It may be tricky to pin down a conclusive answer, but I’d definitely rather know just who is wanting to get inside my connections network…and why.

ABOUT THE AUTHOR

Christopher Boyd

Former Director of Research at FaceTime Security Labs. He has a very particular set of skills. Skills that make him a nightmare for threats like you.