LinkedIn is a very popular business and employment social media account so it is not surprising that it is often targeted by scammers as anything popular with many people will be popular with scammers. In fact last year LinkedIn was the most abused brand used in phishing emails. Recently, however, there has been a surge in LinkedIn accounts being hacked and taken over by scammers. The motivation behind these hacks is not entirely clear, but in the past hacked LinkedIn accounts have been used through socially engineered spear phishing attacks against co-workers and companies of the LInkedIn account holder who is apt to trust emails or messages sent from a trusted source.
LinkedIn has recognized that these attacks are increasingly happening. When LinkedIn notices suspicious activities or hacking attempts of an account it will temporarily lock the account, notify the legitimate account holder and ask them to verify the account and update their password to regain access to the account. In instances where the accounts have actually been hacked, unfortunately, the hackers will change the email address tied to the account as well as the password making it impossible for the legitimate LinkedIn account holder to access their account. In some instances, the hackers have demanded a ransom be paid in order to get access to their account back.
This is an easy problem to avoid. In all of the accounts that have been managed to be successfully hacked, none of them used dual factor authentication. Dual factor authentication can provide security even if your user name and password are stolen by a cybercriminal. If you have a LinkedIn account, you should protect the security of the account by enabling dual factor authentication. And while you are at it, you should enable dual factor authentication for all of your important accounts, particularly accounts such as online banking.
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and insert your email address where it states “Sign up for this blog.”