LinkedIn is a very popular social networking service site for business people where 300 million people share knowledge and opportunities. Unfortunately, however the information provided on LinkedIn can be manipulated in the hands of a hacker to provide information that can be used to hack a business’ computers and data. If you look up a company on LinkedIn you will find a number of profiles for individual employees of the company. Many of these will include the employee’s email address. After viewing a few employee profiles a hacker can determine the protocol used for emails within the company, such as initial of first name, last firstname.lastname@example.org. Using this information, the hacker can send a legitimate appearing email to a company employee that looks like it comes from within the company luring the real employee to either click on a tainted link or enter a username and password. This can be used to either directly install malware on to the company’s computers through the tainted link or get access through the user name and password of the employee victimized by the scam. From there it is an easy thing to install malware to steal information from the company.
Never click on links in emails, text messages or social media or download attachments until you have absolutely confirmed that they are legitimate. Also, when it comes to network security, most companies will never ask for an employee’s user name or password. Again, never provide this information on any website or anywhere else until you have first confirmed that the website is legitimate. It might be a phony, tainted website merely phishing for your information. Trust me, you can’t trust anyone.