Why Hackers Love Your LinkedIn Profile
An employee opens an attachment from someone who claims to be a colleague in a different department.
The attachment turns out to be malicious.
The company network? Breached.
===========================================
An employee opens an attachment from someone who claims to be a colleague in a different department.
The attachment turns out to be malicious.
The company network? Breached.
===========================================
If you follow the constant news about data breaches, you read this stuff all the time. But do you ever wonder how hackers get otherwise smart, professional people to fall for their tricks? How do they know who to email? What to say to get their victim to fall prey? Where do they get the information that gives them a foothold into an organization?
The answer is so simple, and just makes too much sense: LinkedIn.
RE-CON made easy
The first phase of any targeted hacking scheme is the reconnaissance phase – where the hacker gathers information about the company, employees, their job titles, email addressses, etc. What better place to start than LinkedIn?
“LinkedIn is a treasure trove of easily accessible personal information and company IT data,” writes penetration tester Trevor Christiansen.
“Unbeknownst to most of the employees who post their information on LinkedIn, any hacker looking to wreak havoc on a company’s highly sensitive, business-critical data could find his or her point of entry using this ubiquitous business networking forum.”
The best defense
Indeed, the best weapon against these types of attacks is employee awareness. Your information may be available on LinkedIn, but if you’re are aware of the ways hackers exploit that info, you’ll be less likely to fall for tricks. Employer-sponsored education on social engineering tactics would help employees learn to be suspicious of any communication that seems even the slightest bit off.
==============================================================
Hackers may love LinkedIn, but only as long as it gets them where they want to be. To head them off, awareness is key.