As I’ve discussed in prior posts (see here, here and here for example) social media comes with many risks. While most of my discussions have been focused on Facebook, similar concerns apply to other sites as well. As seen in the article below, LinkedIn is no exception!
This article highlights how hackers can use LinkedIn to piece together information about you and your organization and then mount a spear phishing attack. It is a good reminder that you should only accept invitations from those that you know and trust. You should also be selective in the type of information you post on the site.
I think it’s also good to keep in mind that even if you know and trust someone there is always the possibility that their accounts have been compromised. All of us tend to let our guard down when receiving e-mail from friends and associates. Hackers count on this as a way to gain access to your computers and networks by sending e-mails from hacked or spoofed accounts with malicious attachments.
My basic recommendation is to listen to the little voice inside your head when something seems out of the ordinary. For example, if you get an e-mail attachment from an old associate (one that you normally don’t hear from very often) it might be a good excuse to pick up the phone and call them before opening the attachment. If the attachment is legitimate, then you’ll have had an excuse to catch up with your old friend. If it’s not, then you’ll save yourself a big headache, and alert your friend to the fact that their account may be compromised.