IT Support, Security & Managed IT Services Blog - iCorps

LinkedIn Security Tips: Protecting Your Account from Cyber Threats

Written by Sam Bagnall | 2024/08/13

LinkedIn has evolved into a vital platform for professional networking and brand building, playing a crucial role in the operations of businesses and professionals. In this blog post, we will address the escalating concern over cyber threats and data breaches on the platform. We'll delve into LinkedIn's history of data breaches, examine the associated risks, and provide actionable security practices to protect your LinkedIn accounts and sensitive information.

Staying Secure While Using Social Media


LinkedIn's Past with Data Breaches

LinkedIn has suffered several data breaches dating back to 2012. These data breaches affected users' passwords and email addresses. While many major companies have been victims of data breaches, they are also responsible for securing their users' personal information. Proper security practices are essential.

2012 Breach: In 2012, LinkedIn experienced a significant data breach in which hackers obtained 167 million user records, including usernames and passwords. The company only became aware of the breach in 2016 and subsequently required all affected users to reset their passwords.

2016 Breach: In May 2016, LinkedIn experienced a data breach in which 117 million email and password combinations were stolen and sold on the dark web. All affected users were required to reset their passwords.

2018 Breach: In September 2018, LinkedIn experienced a data breach in which attackers gained access to the information of 700 million users. The compromised data included LinkedIn IDs, full names, email addresses, phone numbers, genders, and professional titles. The company stated that no financial or payment information was compromised.

2021 Breach: In June 2021, LinkedIn reported that a data archive containing scraped information from the platform, such as user IDs, full names, email addresses, phone numbers, and workplace details, had been posted for sale on a popular hacker forum. It was believed that the archive included data from approximately 700 million users.

Cybersecurity Risks and How to Avoid Them

  1. Phishing Attacks: Phishing remains a prevalent threat, with cybercriminals attempting to trick individuals into revealing their login credentials through deceptive emails or fake websites. Businesses can mitigate this risk by educating employees to recognize phishing attempts and avoid clicking on suspicious links or providing personal information.
     
  2. Unauthorized Access: Unauthorized access to LinkedIn accounts can lead to data breaches, reputation damage, and loss of sensitive information. Businesses can reduce the risk of unauthorized access by implementing strong authentication measures, monitoring account activity, and promptly revoking access for former employees.

  3. Data Breaches: Data breaches can have severe ramifications for businesses, including financial losses and damage to brand reputation. To minimize the risk of a LinkedIn data breach, it's essential to stay updated on security best practices, promptly install software updates, and invest in robust cybersecurity solutions.

  4. Third-Party Integrations: Businesses often use third-party integrations with LinkedIn for marketing, analytics, and recruitment purposes. However, these integrations can pose security risks if not properly vetted. Ensure that third-party applications have robust security measures in place and adhere to LinkedIn's security guidelines.

Best Security Practices for Your LinkedIn Account

Here are some recommendations to keep your account secure:

  1. Use a strong, unique password for each of your accounts
    1. Your password should consist of a combination of letters, numbers, and special characters, and should be at least 8 characters long.
    2. Do not include your name, phone number, or email address in your password.
  2. Keep your passwords safe and private, and consider using a password manager to help you do so
  3. Enable two-step verification on your LinkedIn account to add an extra layer of security
  4. Only connect with individuals whom you know and trust on the platform
  5. Set up multi-factor authentication (MFA), such as two-step verification, for the email address linked to your LinkedIn account
  6. Be vigilant and report any safety concerns, such as phishing attempts or suspicious messages
  7. Keep your antivirus software updated to ensure comprehensive protection

Mitigating Cybersecurity Risks on LinkedIn

To mitigate cybersecurity risks on LinkedIn, businesses and individual users can take the following proactive measures:

Stay Informed: Stay abreast of the latest cybersecurity threats and best practices for securing your LinkedIn account. Review LinkedIn's security resources and updates regularly to stay informed about potential risks.

Employee Training: If you're a business owner, consider providing cybersecurity training to your employees, especially those who manage your company's LinkedIn presence. Educating your team about best practices and potential risks can help strengthen your organization's overall security posture.

Monitor Account Activity: Regularly monitor your LinkedIn account for any suspicious activity or unauthorized access. LinkedIn provides tools to review login activity, enabling users to identify and address potential security incidents promptly.

Use LinkedIn Securely on Public Wi-Fi: When using LinkedIn on public Wi-Fi, ensure a secure connection and consider using a VPN. Avoid public computers and be cautious of your surroundings. Prioritizing account security is essential for protecting sensitive information.

Keep Your LinkedIn App Up-to-Date: When using the LinkedIn app, keep it updated for security. Only download apps from official stores and be cautious about granting app permissions.

Use LinkedIn Learning Securely: LinkedIn Learning is a great resource for professionals. Use it safely by being cautious when downloading course materials or other files. Only download files from trusted sources, and scan them for viruses or malware before opening.

Be Prepared for a Data Breach: Even if you do everything to protect your data, there's always a chance of a data breach. Be ready by having a plan for how to respond to a breach. Make sure you know who to contact if a breach happens and have a plan to let affected people and authorities know if needed. Think about working with a cybersecurity company to help you respond to the breach and reduce the harm.

Verify Your Account with CLEAR: You may notice that some LinkedIn accounts have a checkmark next to the user's name. This indicates that this user verified their LinkedIn account using a government-issued ID. Having your account verified will not only help you showcase your credibility but also help you identify users who may be who they say they are. This could lead to fake job applications that could leak your personal information. If you see that checkmark, you know the account has been verified with an ID.

Use Personal Email on Account: When creating a LinkedIn account, you will be prompted to enter an email address. While you think it might make sense to use your work email, there are a few reasons why it's not advised to do so. First, what if you change jobs? You would lose access to your work email address and your LinkedIn account. Secondly, if a data breach occurs, your work email could be breached, and this could lead to other data breaches within your company.

Closing Remarks

LinkedIn has become a critical tool for business professionals to connect with peers, hire employees, and share ideas to further their careers. It's essential to understand the risks associated with using LinkedIn and know what to look out for. This not only ensures that employees' data is secure, but it will also keep the companies they work for secure.

Want to ensure your business is protected from data breaches? Schedule time to meet with an iCorps expert and begin securing your business today.