Is someone trying to recruit you on LinkedIn? You might want to take skeptical look at that person's profile.
A new report from Symantec found that the social network is "a prime target for scammers" who pose as business recruiters.
How third-party sites are monitoring your online shopping habitsNov. 30, 201504:05
These fraudsters often use photos of women that they take from stock image sites or steal from real profiles, as well as copy-and-pasted summaries and work histories.
Because recruiters actually use LinkedIn to contact potential job candidates out of the blue, scammers have an easier time convincing users that they're the real deal.
Once they connect with one real professional, often in the information security or oil and gas industry, they can "establish a sense of credibility among professionals in order to initiate further connections," according to the Symantec report.
From there, according to the report, scammers can map out networks of business professionals to see how people are connected. They also "scrape contact information from their connections, including personal and professional email addresses as well as phone numbers," all of which can be used to send spear-phishing emails.
The report didn't elaborate on how widespread the scam is, aside from noting "we have seen a growing number of incidents."
Related: Iran-Based Hackers Created Network of Fake LinkedIn Profiles
In response to Symantec's findings, a LinkedIn spokesperson told NBC News that the company investigates violations of its terms of service, "including the creation of false profiles," and takes "immediate action" when those violations are discovered.
"We have a number of measures in place to confirm authenticity of profiles and restrict or remove those that are fake," the spokesperson said.
To protect yourself, Symantec recommends doing a reverse-image search on recruiters to see if their profile picture is stolen from somewhere else. Copying and pasting their work history, then Googling it, is a good way to find out if it was taken from another user. Scammers can always be reported to LinkedIn to make sure they don't bother anybody else.