LinkedIn bug allowed fake job opening for Google's CEO position
Just recently, a job opening appeared on LinkedIn, one aimed at hiring a replacement for Google CEO Sundar Pichai. But, the weird part is, Pichai hasn't announced his departure. So why is the company looking for his replacement? Turns out, it isn't. Someone just exploited a LinkedIn bug to post an unauthorized job opening on Google's behalf. Here's all about the bug.
Bug allowed posting jobs on company pages
The person, who posted the unauthorized job opening is Michel Rijnders, a Netherlands-based recruiter who wanted to flag the bug in LinkedIn. He said the issue allowed anyone to post a job on any company's LinkedIn business page without any authorization. The unofficial listing appeared in the 'Jobs' section of the company's official page and even in Googe job listings, scraped from recruitment sites.
Here's the fake LinkedIn job posting on Google
Also, the job was posted for free
Typically, LinkedIn users have to take a premium subscription to post a job for their company. But, in this particular case, Rijnders created the opening for Google's CEO without paying a penny. "When I create a job post for a company, no questions are asked," he said, adding "I can also set up an external URL to which applicants for your job are redirected."
Later, LinkedIn acknowledged and patched the issue
After the issue was flagged, LinkedIn took down the unofficial listings and started working on a patch. The Microsoft-owned company later revealed that the issue stemmed from a bug that went live when they were testing the ability to let small businesses post jobs for free. It added that issue has now been resolved and the service is functioning normally.
Issue could have created major problems
If LinkedIn hadn't addressed this issue in time, malicious users would have had the ability to trick unsuspecting job seekers to apply for non-existent positions. Not to mention, they could have also fooled these users into visiting third-party sites and providing their confidential details there as part of the fake application process. This could have bolstered cases of account hacks and identity thefts.
Here's what LinkedIn said about fraud job postings
"The issue has now been resolved," LinkedIn told Adweek, noting that "fraudulent job postings are a clear violation of our terms of service. When they are brought to our attention, we quickly move to take them down."
