- 12th January 2021
- Posted by: Phil Aston
- Category: Business, Growth, Security, Technology, Uncategorised
Did you know that closing your account on LinkedIn doesn’t delete it entirely? Therefore, if you decide to leave the networking platform one day, anything you published there will still be available to hackers, should LinkedIn’s defences be breached.
That’s pretty frightening, but it’s also a timely reminder that we all need to be very careful about our activity and level of openness on LinkedIn.
The 5 most common LinkedIn scams
Here are the most common scams you could be subject to on LinkedIn:
- Dodgy contact requests: these originate from fake user accounts who want to get into your network and closer to your data.
- Fake inheritance schemes: “you’ve been left £3,000,000 by your great, great aunt” – that kind of thing.
- LinkedIn technical support impersonations: “to fix your account, we just need your password” – you know where that kind of conversation is going.
- Compromised accounts: it might look like one of your legitimate connections, but what if their account has been hacked?
- Fake job offers: these callous attacks often fool people into accepting job offers, only to never be paid when the time comes.
What is LinkedIn phishing? It’s a big deal
During the third quarter of 2020, LinkedIn phishing emails were the most clicked social media scams with a 47% open rate.
There’s a reason scammers are so interested in LinkedIn. It contains over 690 million professionals, most of whom rely on the platform to forge profitable business connections.
This makes it a rich hunting ground – literally – for cybercriminals. They know that people are often prone to oversharing on social networks, and bank on the fact that many LinkedIn users will gladly accept connection invitations without consideration.
However, what if you inadvertently accept an invitation to connect with a scammer? It’s important to keep in mind that LinkedIn has three levels of relationship weighting (first-, second-, and third-degree), but you have no control over who’s placed in which category.
It’s all based on your assumed proximity to that person, therefore it’s alarmingly easy to connect closely with someone who might simply want to steal your personal data.
LinkedIn increases your exposure on Google
If you post the wrong type of stuff on LinkedIn or share too much personal information, it isn’t just the platform which displays it.
LinkedIn is of course highly indexed by Google, therefore if you search for more information on an individual, there’s a high chance Google will surface data from LinkedIn.
This is irrespective of any privacy changes that user might subsequently make. It’s why Google sometimes displays details about people on LinkedIn who have since made their profile private.
But don’t worry. If you’re now panicking about your own LinkedIn presence, you simply need to avoid sharing the following types of information.
Personal contact details
One of the easiest places to start as a hacker is obtaining the personal contact details of an individual.
You’d be amazed by what they can do with just your name, home address, or phone number. So, don’t share it publicly on LinkedIn.
The same goes for details on your personal whereabouts (you may want to shout about the fact you’ve just taken a break in the Bahamas, but do you really want criminals to be aware of that if they also have access to your home address?).
The easiest way to stop yourself from doing this is to continually bear in mind that LinkedIn is public. Remember the Google indexing issue mentioned above!
Don’t share passwords on LinkedIn!
Sure, this might sound like an obvious one, but you’d be amazed by how many people share confidential information like usernames and passwords with connections on LinkedIn. Even if you do this via a direct message, you’re still placing it within LinkedIn’s database.
It’s also important to avoid sharing personal details which might lead hackers to your password. Your mother’s maiden name, date of birth, and primary school are classic examples of this.
No, not those kinds of photos.
Let’s say you take a photo of your lanyard at an event and post it on LinkedIn to demonstrate your presence there. What else can people see on that image?
It might contain personal information or contact details which will be absolute gold dust for a scammer. The same goes for images of your premises which might reveal security flaws or concealed access.
So, before you post any kind of imagery on LinkedIn – think!
Still worried about LinkedIn security?
Sorry if we’ve given you yet more cause for concern about online scamming, but LinkedIn is so easily overlooked by us all when it comes to this kind of thing.
If you’re still worried about LinkedIn or any form of online crime, just get in touch with the Compex IT team.