LinkedIn is a popular tool for professionals and businesses. Jobseekers use it for getting their resumes out there and for building a vast network of professional connections. Companies and businesses use it for marketing purposes, for recruitment and for building a brand image to attract prospective partners and employees.
Although LinkedIn is truly a valuable platform in today's fast-paced world, it can also be a hacker's treasure trove of data. In the hands of a clever and tenacious cybercriminal, it can reveal more information about you and your company than you think.
Here are various ways cybercriminals can use LinkedIn's information against you.
How LinkedIn's tools can be used against you
For example, by reviewing a company's LinkedIn connections, a hacker can figure out all the third-party services, the suppliers and the tech outfits the company has partnered with. Not only will this provide hackers an understanding of how a company's infrastructure is set up, it can also list other partners that can be potentially used for data infiltration.
LinkedIn's "See All Employees" tool can also be abused to see a company's hierarchy and identify the employees who are worth targeting. By identifying a company's HR manager or finance officer through LinkedIn, cybercriminals can concentrate their phishing scams toward these employees.
Even new job posts on LinkedIn can be used to give hackers an idea of how a company's data infrastructure is set up. Through job descriptions, especially with IT positions, hackers can see what kind of operating systems, security systems, storage management, software, scripts and databases a company uses and build a hacking gameplan based on this information.
A growing practice among hackers is the creation of fake profiles. This problem is prevalent, not just on LinkedIn, but with other social media sites like Facebook or Twitter, as well. Fake social media profiles are like honeypots for cybercriminals - they exist to harvest information about other users and are even used for malicious links for the distribution of malware.
Data from prior breaches
Back in 2012, LinkedIn fell victim to a massive data breach where passwords and logins of more than 117 million accounts were compromised. That information was sold online and led to other new scams.
With major data breaches like this, even something as old as the LinkedIn breach, password reuse attacks will always happen and are still happening as we speak. If you have used or are still using the same passwords for multiple accounts, it is important that you review and change them to make them unique. It is bad practice to use the same password across different services.
Protect your LinkedIn data
LinkedIn may be a valuable tool for professionals and companies who want to have visibility and wider connections but users need to be aware of the consequences of the information they post on their profiles. Hackers are always on the lookout for even the smallest clues on how to victimize an organization and its employees so vigilance is of utmost importance.
Make sure you and your company review and filter the information in your social media profiles that can give your organizational secrets away. And this applies not just to LinkedIn but to other sites like Facebook, Twitter and even job posting sites as well.
However, if you think a LinkedIn account is not worth the trouble, here's our tip on how to delete it.
Have a question about LinkedIn? Kim has your answer! Click here to send Kim a question, she may use it and answer it on her radio show. The Kim Komando Show is broadcast on over 450 stations. Click here to find the show time in your area.
In other news, child experts want Facebook's Messenger Kids app to go away...and they're right!
Facebook already has around 2 billion active monthly users, but it's going after more. Until recently, you needed to be at least 13 years old to have an account. That changed when Facebook made available its Messenger Kids app. Click here and see why child experts are saying this is a terrible idea.