The curious case of Laure Fabre, the Google Ventures France “employee” on LinkedIn

The curious case of Laure Fabre, the Google Ventures France “employee” on LinkedIn
Uncategorized

default_profileFor me, each Social Network has its own rules, in terms of who I accept/follow. I’ve always been quite particular about who I follow with my personal account, and we tend to follow people we engage with and people who we write about with @RudeBaguette.LinkedIn, unfortunately, due to its business nature and the advantages that come with having more connections, has always defaulted to a business card repository for me (especially since they bought Card Munch). This means that, unless someone’s profile has nothing to do with tech in France, I’m likely to accept their invitation – because, why the hell not?

Enter Laure Fabre, Chef de Projet at Google Ventures France

Last last week I received a request from an ambiguously empty profile – A Masters from HEC, no profile picture, and one job reference –  however, it seemed to be someone from GV France, so I accepted and sent out an email (her email:[email protected]) requesting more information about their activities in France. No response.

I woke up Thursday to find that I was not the only one who had been contacted by this mystery person. According to Lionel Tressens, cofounder of LoungeUp: “everyone in the french startup world received it… she started with 0 connections last week.”

I reached out to Jodi Olson, a contact from Google Ventures who I had talked to just a few months ago about Why Google Ventures doesn’t invest in Europe. I asked her to clarify the confusion, and perhaps even shed some light on Ms. Fabre’s activities. Her response as follows:

“Thanks for reaching out. I’m not sure who this person is. We don’t have Google Ventures staff in Europe.” – Jodi Olson, Google Ventures

By the time I received this email, the LinkedIn account had been deleted. I can see from my LinkedIn message archives that the account has been deleted (account id: 235660552), and when I went to see if I could learn anything through her aforementioned Gmail account, it seemed I had just missed her.

Gmal-delete

And so, while I had planned on warning people to disconnect with this imposter, I guess the bigger lesson here is to only connect with people you know. Connecting with someone on LinkedIn, while it may seem harmless, gives them access to your network, as well as your contact information. With Phishing becoming more & more popular via social networks, one false step can land you with a stolen identity, online, or worse, in real life.

Update: LinkedIn’s PR representative, Esther Ohayon, got back to us about the incident:

“There’s little benefit to members in presenting inaccurate information about themselves on LinkedIn, due to the visibility LinkedIn offers someone will notice. Secondly, we’d encourage members to only connect with people they know, and encourage members to report suspicious profiles. Finally, our User Agreements addresses this directly ( section 10.2)

 

2 Responses

  1. Avatar
    David Bruant

    ” I guess the bigger lesson here is to only connect with people you know”
    => Although I agree with the overall idea, I’d like to add a pinch of salt to that lesson.
    Recently, I’ve been contacted via LinkedIn by someone I didn’t know but who wanted to reach me out to talk about the FM Radio API of FirefoxOS. He wrote a message saying explicitly that he wanted to talk about FirefoxOS.

    I spent a lot of time searching for the person, because indeed, I didn’t know him. As soon as the background check showed no sign of him being a spam account for sure, I accepted.
    And it’s now been a week that we’re constructively discuss how to improve the FMRadio JavaScript API.

    The “error” you’ve made by accepting “Laure Fabre” was of good faith. I know I’d re-accept a “stranger” again if there are enough signals showing it’s not pure spam.

    There are different things to consider:
    First, not everyone is a “communication expert”, meaning that not everyone is aware that different social networks can have different purposes. You (Liam) have a great literacy of the web, but that’s not the case of everyone. I’ve been surprised that even at big tech companies, some people don’t have a good web literacy. I wouldn’t be surprise if that was the case for Google Ventures too.
    So sometimes, you get a friend/connection request from someone who may not understand they’re not using the most appropriate tool. Often they’re not aware of other tools.

    Then, LinkedIn is an interesting tool but need to mature. The kind of “social network phishing attack” you’ve been the victim of demonstrates some inadequacies in the tools. LinkedIn uses “number of common contacts” as a measure of being tightly connected but that doesn’t work. Some people want always more connection (dick size measuring), so they are inclined to accept any request. If you have some of these among your network, an attacker can connect to these before trying to connect with you. If you see “5 common connections”, you’re more likely to think it is legit and accept it.
    Another problem is that as far as I know, it’s not possible to filter/limit what you show to people on LinkedIn. This is unlike relationships in the physical world where the more time you spend with someone, the bigger the trust grows, the more you share.

    Especially for LinkedIn, it’d be interested that LinkedIn ask “during which professional/school experience/project did you meet that person?”. SInce things are dated, it’d be pretty clear for how long you’ve known the person. If both have filled their info, it’s easy to cross-reference. None of that would mean in absolute terms “I trust this person because I’ve known him/her for long” and there can be mismatches every once in a while, but knowing that people have actually work together is a stronger signal than just being connected on LinkedIn.

    Anywayzz. Fascinating article!

Leave a Reply

You must be logged in to post a comment.