I am watching Game 7 of the World Series, and it is the bottom of the 8th and the score is 6-6. It is very difficult to concentrate on this blog post.
So I am taking the easy way out and reminding you to check the privacy settings on your LinkedIn account.
What is the risk to a LinkedIn account? The most common is social engineering—a hacker looking to find out who your friends and family are in order to use that information for phishing schemes to attempt to find out who co-workers or acquaintances are to get their email addresses to launch a phishing scheme.
These attacks can be internal or external. A common internal attack is a fake connection request. Once a user accepts the request, the attacker gets access to all of the victim’s LinkedIn activity and connections, which is then used for social engineering for more targeted phishing or spear-phishing schemes.
External attacks occur when the hacker sends a phishing email that looks like a connection confirmation from an unknown LinkedIn user. When the user clicks on the link in the email, key logging tools are then used by the hacker to hijack the account or carry out surveillance on you and y our connections.
Here are some tips for your LinkedIn account to reduce your risk of an attack:
- If you haven’t changed your password since the last LinkedIn hacking, do so now.
- Go to Privacy and Settings and go to Profile Privacy Tab. Change the setting to Only You, which will make it more difficult for other LinkedIn users to see who you know.
- Change the choose who can see you and follow your public updates to Your Connections.
- Go to the Communications Tab and under the who can send you invitations, the recommended setting is everyone, but you might want to choose only people who know your email address.
- Go to Messages from Member, you may wish to un-tick career opportunities and business deals.
- Activate two step verification that is offered by LinkedIn under the Privacy setting.
Still tied at the top of the 9th.