Comment by devy
5 months ago
The pseudonym "Mykola Yanchii" on LinkedIn [1] doesn't look real at all.
Click "More" button -> "About this profile", RED FLAGS ALL OVER.
-> Joined May 2025 -> Contact information Updated less than 6 months ago -> Profile photo Updated less than 6 months ago
Funny things, this profile has the LinkedIn Verified Checkmark and was verified by Persona ?!?! -> This might be a red flag for Persona service itself as it might contain serious flaws and security vulnerabilities that Cyber criminals are relying on that checkmark to scam more people.
Basically, don't trust any profile who's been less than 1yr history even though their work history dated way back, who has Personal checkmark, that should do it.
[1] https://www.linkedin.com/in/mykola-yanchii-430883368/overlay...
PSA: If you are logged in to LinkedIn, then clicking on a LinkedIn profile registers your visit with the owner -- it's a great way for someone to harvest new people to target.
On another note, what's unreal about the pseudonym? It's a Ukrainian transliteration of Николай Янчий (Nikolay Yanchiy). Here's a real person with this name: https://life.ru/p/1490942
You can change a setting so that you only show up as a view but not who you are.
Unless they pay for it and then they can see everyone who clicks on your profile again.
6 replies →
How am I supposed to become a real, trustable person on LinkedIn if I'm not already there?
Be a real, trustable person in real life. Let your real colleagues, acquaintances and friends contact you.
Create an account and let it age.
Seasoned accounts are a positive heuristic in many domains, not just LinkedIn. For example, I some times use web.archive.org to check a company's domain to see how far back they've been on the web. Even here on HN, young accounts (green text) are more likely to be griefing, trolling, or spreading misinformation at a higher rate than someone who has been here for years.
> Seasoned accounts are a positive heuristic in many domains, not just LinkedIn.
Yep. This is how the 3 major credit bureaus is the United States to verify your identity. Your residence history and your presences on the distributed Internet is the HARDES to fake.
23 replies →
This is why aged yet rarely used accounts are so valuable for hackers to gain control.
All of the Year 1 Facebook accounts with more than a decade of activity that have been inexplicably banned and deleted in 2025 salute you.
6 replies →
> Create an account and let it age.
So, just hire one of those "account aging" services?
Because if you expect people to go there keeping everything up to date, posting new stuff, tracking interactions for 3 years and only after that they can hope to get any gain from the account... That's not reasonable.
2 replies →
Account can be stolen
Exactly. There are at least several different modes these scammers are operating in but eventually it all boils down to some "technical" part in the interviews where the developer is supposed to run some code from an unknown repository.
Nowadays just to be sure, I verify nearly every person's LinkedIn profile's creation date. If the profile has been created less than a few years ago, then most likely our interaction will be over.
I just spin up an EC2 instance for the interview
That's the right approach. On the other hand, do you even want to participate in a scam interview?
1 reply →
> This might be a red flag for Persona service itself as it might contain serious flaws and security vulnerabilities that Cyber criminals are relying on
Persona seems to rely solely on NFC with a national passport/ID, so simply stolen documents would work for a certain duration ...
LMAO this post on his page has to be an AI generated map, it puts the UAE in Bangladesh.
https://www.linkedin.com/posts/mykola-yanchii-430883368_hiri...
Anyway I think we can add OP's experience to the many reasons why being asked to do work/tasks/projects for interviews is bad.
yea, And this team-bonding pic has a ghost finger -https://www.linkedin.com/feed/update/urn:li:activity:7379209...
On linkedin company pics, look for extra fingers.
I think this is a real picture. I can't explain the ghost finger, probably just a weird angle but it doesn't give off the generated vibe. The poster of the photo seems to be a real person as well as the person who left a comment. Probably in the OP's case the company was real but the person was impersonating. I had been involved in a couple of these scams recently and the patterns are very similar but approaches slightly different.
Prompt: Stereotypical engineers pretending to celebrate. Add 2 points to hotness scale. Whites only.
You can click on the verification badge and see if the person has job verification. If not, that's a red flag. I never paid attention to this myself but I will in the future.
Some companies don't do job verification (for good reasons).
Interesting, I didn't know there is such thing on Li! Is this done by past employers?
You just verify that you have access to an email address that belongs to a company (@example.com) by entering a six digit code they send to your work email. This in theory verifies that you work there, but obviously nothing else like your actual position at the company.
From an attacker standpoint, if an attacker gains access to any email address with @example.com, they could pretend to be the CEO of example.com even if they compromised the lowest level employee.
2 replies →
You have to add it yourself and verify with your work email.
I honestly didn't even know about the feature until my most recent job when LI offered to verify.
> -> Joined May 2025 -> Contact information Updated less than 6 months ago -> Profile photo Updated less than 6 months ago
It's a red flag to be a new entrant on a platform.
FTR Wikipedia/Stak Overflow have also encountered this problem (with no real solution in sight) and new market entrants (new products) struggle with traction because they're "new" and untested, which is why marketing is such a big thing, and one of the biggest upfront costs for companies entering a market
"LinkedIn Verified Checkmark" I never managed to pass the verification check. Phone always freezes.
Whoever was operating that profile DFE'd. This is why you archive.
what is dfe
https://www.urbandictionary.com/define.php?term=dfe
DFE "deleted everything"
6 replies →
"Page Not Found"
Someone apparently deleted the profile.
ha ha so typical ! verified profile - oh Persona, you had ONE job ! :)