LinkedIn includes a platform that allows advertisers to display targeted ads to linkedin.com users. The advertiser can specify the URL of the advertised website. As the result, this presents an opportunity to direct linkedin.com visitors to malicious websites through LinkedIn ads.
However, I have not found any confirmed incidents where the LinkedIn website was used to host such malvertisements. Why not?
This might be because of a relatively high cost of setting up a LinkedIn campaign. Though the site allows advertisers to budget as little as $10 per day, the minimum cost per click is $2. That’s more than many other advertising venues would charge.
Another reason for scammers not distributing malicious ads through LinkedIn might be the effort it takes to build a reputable LinkedIn profile, which is necessary to submit the ad. Though this cost isn’t very high, it may be more effort than what’s involved in submitting ads to other venues.
Do these reasons make sense to you? Do you have a better explanation for the apparent lack of malvertising on linkedin.com, despite the site’s potential to distribute ads to the desired demographic?
This post is part of a series that explores LinkedIn scams, fraud and information security risks. The other posts are:
- Why There Are Fewer LinkedIn Scams and Malware Than Facebook Ones
- Exploring LinkedIn Look-Alike Email Spam Campaigns
- Scams and Malicious Activities Using the LinkedIn Website
- The Use of Fake or Fraudulent LinkedIn Profiles