A group of hackers suspected to be based in Iran are using fake LinkedIn profiles to target victims across the Middle East including the UAE according to cyber security experts from Dell SecureWorks' Counter Threat Unit.

The group - which researchers have designated as Threat Group 2889 - has created at least 25 different personas on the popular business-oriented social network using the photographs of innocent individuals with no connection to the group's activities. Of these eight are "leader personas" with extremely detailed profiles including educational histories current and previous job descriptions LinkedIn group memberships and in most cases over 500 followers.

"LinkedIn is fairly well-known and used by most professionals . it's a sophisticated and well-planned means of social engineering" said Mark Morland Dell SecureWork's Regional Manager for the Middle East. "They've created a lot of fairly granular and detailed LinkedIn profiles and actually having a set of endorsers behind those to enable the profiles to appear as legitimate as possible.

"A lot of these profiles have been created very cleverly from what would appear to be people within the target's company or from a recruitment consultant perspective" Morland added.

"Gaining trust and an initial acceptance of connection has been fairly easy for them."

Of the 204 potential targets of the group identified by investigators the majority are in the Middle East including 27 in the UAE 28 in Qatar and 39 in Saudi Arabia. Many LinkedIn users targeted by the group operate in the telecommunications industry government and defense organisations or large corporations.

"Certainly they want to infiltrate networks but to what end we don't know. It might be theft of intellectual property disruption to business operations in terms of the availability of the systems or competitive information" Morland noted. "This has been going on awhile."

Dell researchers used a variety of techniques to lead them to suspect the hackers are located at least partly in Iran which Morland said he believes indicates at least some level of state-sponsorship by the Iranian government.

"We've seen a lot of that" he said declining to go into further detail.

Gopan Sivasankaran Dell SecureWork's Senior Security Architect said that a significant factor in such attacks are that organisations often adopt high-tech defenses but lack basic security awareness among employees.

"In the region we've seen people invest a lot in technology but then really not focus on people and process" he said. "You should get all three right."

To prevent such attacks Morland urged users of LinkedIn to be cautious and avoid making connections with unknown people.

"Be weary of people you personally don't know even if they have associated connections. They could have been duped" he said. "Also any post of message containing a web link or attachment should be absolutely avoided at all costs because it might be malicious."

"As a security guy it's just crazy that (someone) accept a LinkedIn invitation from somebody you didn't know. You wouldn't do it on Facebook so you shouldn't when you get into the workplace."

Bernd Debusmann Jr. Originally from Mexico City I've been in Dubai since January 2015. Before arriving in in the UAE I worked as a general news reporter in TV and print in Mexico City NYC and Washington DC. I'm interested in defence issues politics technology aviation and history. In my spare time i enjoy traveling and football - I'm a keen fan of Chelsea FC. I developed an interest in the Middle East traveling through Jordan and the West Bank. I have a BA in Political Science from Dickinson College in the USA and an MA in International Journalism from City University London.