Your LinkedIn connections might be hacking you

Don't agree to connect on LinkedIn with people you don't know, warns Intel Security

LinkedIn on a mobile device

Accepting a connection from somebody you do not know on LinkedIn may help hackers steal your company data.

This is according to research from Intel Security, which has revealed that Brits will let people they do not know see their details, potentially leaving them open to risk from hackers who harvest the information for attacks.

Around a quarter of respondents to Intel's survey said they accept "I'd like to connect with you on LinkedIn" requests from peopple they do not know. 

"When a person in a similar industry to us, or a recruiter, requests to connect on LinkedIn, it may look harmless, but hackers prey on this as a means to target senior level professionals and ultimately the corporate network," said Raj Samani, CTO of EMEA at Intel Security.

Advertisement - Article continues below
Advertisement - Article continues below

"Social networking sites are a treasure trove of data used by malicious actors in order to research potential targets for attacks, not only requesting to connect with senior executives but as many junior or mid-level employees at a company as possible," said Samani. 

"They then target senior level execs, using their existing connections with colleagues as proof of credibility by leveraging the principle of social validation," he added. "Once these connections are in place they can launch a targeted phishing campaign."

The FBI has warned that such attacks are on the increase, saying criminals send fake invoices, request wire transfers and so on using accurate looking but false emails. But Intel's research revealed two-thirds of the 2,000 Brits surveyed had never wondered if a would-be social media contact was really who they claimed to be. 

And companies aren't helping. Most respondents to the survey said their employer hadn't "made them aware" of any corporate policies around social media. 

Companies should not assume that younger staff are automatically more web savvy than their older counterparts, with the research suggesting that younger people were less likely to doubt the honesty of a would-be contact than those in older age groups. 

"Businesses must educate all members of staff on how to avoid common scams, including making them aware of the risks of opening unknown attachments in messages or clicking on unknown links," said Samani. 

Advertisement - Article continues below

The warning follows a hacker leaking a huge tranche of LinkedIn credentials - and Microsoft acquiring the professional social network for $26 billion

Featured Resources

What you need to know about migrating to SAP S/4HANA

Factors to assess how and when to begin migration

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

Testing for compliance just became easier

How you can use technology to ensure compliance in your organisation

Download now

Best practices for implementing security awareness training

How to develop a security awareness programme that will actually change behaviour

Download now


internet security

Avast and AVG extensions pulled from Chrome

19 Dec 2019

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular

data governance

Brexit security talks under threat after UK accused of illegally copying Schengen data

10 Jan 2020
web browser

What is HTTP error 503 and how do you fix it?

7 Jan 2020
Server & storage

Broadberry CyberServe R182-Z90 review: Gigabyte’s EPYC gamble pays off handsomely

7 Jan 2020
Microsoft Windows

Memes and Viking funerals: The internet reacts to the death of Windows 7

14 Jan 2020