Your LinkedIn Is Used As First Point Of Entry By Hackers

Media Division | July 15, 2015

The high-profile retail breaches and celebrity photo leaks  gives you an impression that hackers only target prominent companies and individuals, but this isn’t true. Did you know that cyber criminals are also interested in LinkedIn profiles?

Your presence on LinkedIn has a significant impact on how co-workers, influencers, employers, and other professionals perceive you in the real world. The last thing you need is an adversary hacking your account and spoiling your online reputation.

Why hackers are interested in your LinkedIn profile?

LinkedIn profiles are a gateway for hackers to get insider information about corporations and their employees. For example, they want to acquire the company email address; this combined with corporate data can be sold on the black market.

Even acquisition of a single employee email address through LinkedIn can help hackers figure out corporate email addresses of others in the same company, as corporate email addresses have a similar formatting pattern. Information about senior executives is of particular interest to cyber criminals.

Apart from the valuable data that is openly displayed, hackers can get access to LinkedIn profiles by cracking the password, which would give them details such as who are your connections, who you have sent an InMail to, and more. All this information can be used to launch phishing attacks on your connections in the future. The end result is the launch of a very sophisticated social engineering attack.

Cyber criminals are also taking advantage of the public perception of companies and individuals presented on LinkedIn. They want to get as much information as they can to find a way to spoof anyone who does business with you. LinkedIn information carries legitimacy that encourages others to click on links, so if your account is compromised by a cyber criminal, anything posted to your feed will be seen as legitimate.

How to protect your LinkedIn account?

You’ve taken some time to build up a reputation on LinkedIn and make strong connections, so it is wise to protect your account in every way possible. Here are a few measures you can take:

  1. Activate two-step verification: It will require you (and the hacker) to provide more than one type of verification to login the account, usually a passcode that is sent to your mobile device. This can significantly decreased unauthorized access of your account from unknown devices. It can be turned on by going to Settings > Account Manager security settings.
  2. Opt for password best practices: It is vital to opt for good passwords with a mixture of upper case & lower case letters as well as numbers and symbols. You should never choose ‘remember my password’ when using LinkedIn from a publicly shared computer. Also, make sure the LinkedIn password is different from the passwords you use on other social networks.
  3. Modify your Privacy Settings: While LinkedIn offers some built-in security features, it is always a good idea to decide what information you want to receive, share and display. For example, you can turn off activity broadcasts which will make changes to your profile invisible to your connections. So the updated or modified information won’t be visible to cyber criminals who might have added you as a connection on LinkedIn with an anonymous profile.
  4. Download your data: Thanks to LinkedIn’s new feature, you can export all your profile data including activity, updates, searches, and IP records from the Settings menu. It enables users to monitor every activity they’ve conducted (or not conducted) on the platform to determine if someone else has made any update or search with unauthorized access to the account.

Your LinkedIn profile is one of your most important online identities, so it is important to act at earliest to avoid any future mishaps.

MEDIA DIVISION
Massive's Media Division publishes timely news and insights based on current events, trends, and actionable cross-industry expertise.