LinkedIn is a business networking site that attracts more and more professionals every day. But like other popular websites, it can also be the target of cyberattacks.
Main LinkedIn Privacy Concerns To Watch Out For
LinkedIn security issues exist for all its users, however, most users are corporate users and face specific threats. These include:
Corporate espionage – LinkedIn serves as a connection tool that can be exploited by those seeking secrets for corporate espionage or to sell state secrets to foreign governments.
Fraud and phishing – There are many job-seeking individuals on LinkedIn looking for work or business connections. They can be targets for fraud and phishing using social engineering tactics.
Contact details risks – Consider how much information you put on your LinkedIn profile or your submitted resume, such as a home address, phone number, etc. These can be used for dangerous purposes by others.
Workplace risks – LinkedIn has also become an influencer platform for career-focused individuals, just like Instagram or other social networks. This can become a workplace issue if it causes gossip, workplace violence, or other such grievances.
Reputational risks – Your career reputation could suffer if you post information without doing your research due diligence. Also, if LinkedIn or your account is ever hacked or compromised, a dangerous actor could post information on your behalf that could harm your public reputation. Like other social networks, LinkedIn is not safe from hackers going after users’ information. So, if you use LinkedIn, your data is at risk of theft, especially your email address and password.
LinkedIn Website Hacks
Each social media site is operated differently and faces various levels of risk from hackers and those wishing to commit crimes. LinkedIn is no different and has been the target of serious cyber attacks over the years.
For example, the 2012 LinkedIn hack was perpetrated by a group of Russian cybercriminals and lead to the theft of 6.5 million user passwords. LinkedIn users could no longer access their accounts and were required to change their passwords.
Not all major website attacks occur through hacking code vulnerabilities. Some happen through deceptive (but accepted) means to target users and businesses that use the site.
For instance, in August of 2020, the Lazarus group, a North Korean-tied advanced persistent threat (APT) group used LinkedIn job advertisements to attack F-Secure, a cryptocurrency firm for heisting bitcoins. It was specifically addressed to a system administrator via a phishing document sent to their personal LinkedIn account.
This highlights the fact that each individual LinkedIn user is recommended to be aware of phishing attempts through LinkedIn that could compromise their security and data privacy.
Securing Your Linkedin Account for Better Security
The following are brief recommendations for setting up LinkedIn to maximize your security and privacy.
Avoid App Syncing
Make sure to check the sync settings on your account and stop syncing if it is active. Also, if you have the option of syncing LinkedIn with any other accounts or apps that may have access to your data, choose not to.
Have Strong Passwords
Do not reuse passwords across your online accounts. Make them hard to figure out by not using birth dates or easy to guess letter/number strings. Use symbols whenever possible and make the passwords as long as possible.
Limit Your Profile Photo Viewers
You can limit who can view your profile photo on LinkedIn. This will help keep your identity more secure. Although LinkedIn claims a photo can increase your visibility to prospective employers and associates, it is up to you if you want to provide it.
Turn On Two-factor Authentication
Two-factor authentication protects your account by requiring more than a password, and it is easy to set up.
Turn Off Targeted Ads
LinkedIn makes money from ads, just as other social networks do. If you do not want to be bombarded with ads on LinkedIn or by their marketing partners, you can choose to turn them off.
Do Not “Participate In Research”
LinkedIn wants to use your data and online behavior trail to sell to advertising partners and any organization that is seeking insights on trends related to the labor market. You can choose to not be a part of this by turning off “Participate in Research”.
Install Antivirus and Antimalware Software On Your PC
This can prevent spyware and keyloggers from monitoring your activity and stealing your LinkedIn login information.
Use A LinkedIn Data Protection App (See Below)
These apps can help you protect your data across other apps on your smart device.
Be Cautious About Giving Your Phone Number to Anyone On LinkedIn
As in all real-life circumstances, giving strangers access to your phone number may not be the best idea.
Lower Or Turn Off Activity Broadcasts
If you want to keep your job activity hidden from view, then you can turn off Activity Broadcasts.
Limit Your Activity Feed
Your profile updates, posts, and activities can be included as part of your public feed on LinkedIn. Think about which details you want to provide to maximize your privacy.
Limit Who Can View Your Profile
Limiting who can view your profile information is a great way to protect your privacy. Especially consider enacting two-factor authentication for your LinkedIn account.
In today’s digital world, passwords keep your accounts protected from dangerous threats. However, this may not be enough, so it is recommended to add two-factor authentication wherever possible.
LinkedIn Data Protection Apps
LinkedIn data protection apps can help you in several ways to give you broad privacy protection, including:
- Deleting search history across accounts.
- See all your accounts (Twitter, Facebook, Google, Alexa).
- Control privacy across accounts.
These also allow users to take control of other social media accounts through a centralized login and apply new changes to the privacy settings of each one automatically.
You can get many of these free for trial on Google Play or the Apple App Store.
So, if you are looking for a data protection app, check out Jumbo.
LinkedIn Security Verification
Sometimes LinkedIn may use security prompts to verify that you are the person attempting to login. If a user is trying to login with multiple devices, LinkedIn will detect this as unusual and will request a verification.
LinkedIn will use email or a CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) check to verify you. Through email, you will need to find the verification code and enter it into the sign-in page and click Submit. This can also be referred to as a LinkedIn Security pin.
Linkedin Security Check Loop
New account signups can get stuck in a CAPTCHA loop. In this case, the person may have attempted to sign in multiple times or with multiple devices. Enabling cookies on your browser can help prevent this. If you use a VPN or proxy server, LinkedIn may see this as a dangerous login attempt from another person in a different location. If possible, avoid using a VPN when you do not want a security check. Also, consider not logging out of LinkedIn each time you use it throughout the day.
The best way to protect your privacy and data when using LinkedIn may in fact be to not use LinkedIn at all! However, in today’s interconnected digital world, using social networking sites is almost a must-do. Users should know the risks to their privacy and use best practices to protect themselves from cyber threats.
For more information about how secure Facebook is, read this post.