A LinkedIn Loophole Allowed Members to Post Fictitious Job Openings on Company Pages

Netherlands recruiter Michel Rijnders was able to add listings for CEOs at LinkedIn, Google

Want to be CEO of this Mountain View, Calif.-based company?
JasonDoiy/iStock

LinkedIn patched up a loophole that enabled members to post job openings on company pages without authorization.

Netherlands-based online recruiter Michel Rijnders discovered the loophole and posted about it on LinkedIn, noting that he was even able to create a job opening for CEO of LinkedIn, which appeared on the professional network’s official company page.

Rijnders wrote, “Everyone can post jobs that are assigned to any employer of their choosing. For example, I can post a job at LinkedIn. When I create a job post for a company, no questions are asked. You recommend to receive applications via LinkedIn, but I can also set up an external URL to which applicants for your job are redirected.”

He was also able to create a job listing for CEO of Google.

A LinkedIn spokesperson said, “This issue was caused by a bug in our online jobs experience that allowed members to edit the company after a job had already been posted. The issue has now been resolved. Fraudulent job postings are a clear violation of our terms of service. When they are brought to our attention, we quickly move to take them down. While we do allow companies to post on behalf of other companies (such as in the case of recruiting firms), this is only permitted with the knowledge of both parties.”

The professional network added, “Regarding free job postings, we have not historically had free job postings as part of the LinkedIn experience. However, we’re running a test that allows small and midsized businesses to post a limited number of jobs for free. This member was a part of that test.”

Paul Rockwell, LinkedIn’s head of trust and safety, said in a comment on Rijnders’ post, “Thank you, Michel Rijnders, for bringing this to our attention. We’ve removed the posting and we’re resolving the issue that allowed this post to go live. LinkedIn is a place for real people to have real conversations about their careers. It’s not a place for fake jobs. Posting jobs without explicit permission or knowledge of another party is against our terms of service. We are committed to stopping fraudulent jobs from ever reaching our members through automated technology and the help of our members reporting any suspicious job postings.”

Prior to the loophole being fixed, Matt Binder of Mashable reported that Rijnders was able to create a listing for a job opening at Mashable, for an assistant to Binder, more than 24 hours after publishing his LinkedIn Post.

Rijnders told Binder in an email, “For a while I noticed scrapers, like Jooble, posting massive amounts of jobs at companies on LinkedIn without consent of those companies. A lot of companies complained without any result. The bad thing is (that the scrapers) collect the application details of applicants who think they actually apply at the company. These companies also seem to only pick smaller companies to do this with less risk of getting into trouble. Because LinkedIn didn’t really seem to see this as a problem, I used the same loophole to make the problem a bit more clear and urgent to them.”