Linkedin Security

<  Back to Fact Sheets
What is LinkedIn?

LinkedIn is a social networking tool for individuals interested in developing their professional network and find new opportunities to grow their careers. LinkedIn operates similar to other social media platforms. You invite “connections” and converse via private messages. While LinkedIn facilitates great opportunities to connect it may also be used as a tool to facilitate social engineering by online criminals.

Quick Facts
  •  On LinkedIn you display your professional experience and achievements on your profile. 
  • Abuse Occurring via LinkedIn: Emails and related contact details are accessible on LinkedIn. 
  • This may be influenced by the level of access afforded to users – for example, premium service recipients are able to send messages direct to a certain number of prospective connections. 
  • LinkedIn has become a popular platform to for recruitment, subsequently attracting employment scammers. 
  • LinkedIn experienced a data breach in 2016 in which usernames and passwords were exposed. 

  • Go to Linkedin’s privacy settings and review who can access your contact information. 
  • Ensure your email and LinkedIn account have strong and separate passwords – If a scammer can access one, they can access both. 
  • Do your research on individuals wanting to contact you about a job opportunity. 
  • Don’t match with connections you do not know or do not trust. 
  • Review the type of information you post about yourself. You don’t need to share your full name and date birth. Never share credential information, such as images of licences and passports. 
  • Always use anti-virus and be careful to only access social media on trusted Wi-Fi. 
  • Check and download LinkedIn updates. 

Detection & Response 
  • ‍Invitations to connect with unknown people who send emails containing links aimed at directing you away from the LinkedIn in order to facilitate deceptive engagement. 
  • Fake Jobs / Money laundering where job opportunities are made by criminals that are administrative, requires a person to transfer money (often overseas), and may even demand an ‘Application Fee’ is paid. 
  • Receiving unsolicited emails with a .zip file attached that may contain malware/Trojans that can steal your data. 
  • Receiving unsolicited emails seemingly target towards your profession/interests, these may be phishing emails. 
  • ‍Forward or send a screenshot of any suspicious emails/messages to 
  • Download and run the latest anti-virussoftware. 
  • Change your Linkedin password, preferably from another device. 
  • Remove or block the connection who sent the suspicious email/message. 
  • Delete suspicious emails from your account. 

For more facts of social media security please see our other Social Media Fact Sheets


Identity Care Australia & New Zealand Ltd (IDCARE) provides identity and cyber security incident response services (the Services) in accordance with the following disclaimer of service:

IDCARE is Australia and New Zealand’s national identity and cyber incident community support service. We are a not-for-profit charity.

  • The Services provided do not constitute legal advice. IDCARE recommends that you consult a solicitor in relation to your legal rights and obligations, including but not limited to your legal rights or obligations under Australian and international privacy and data protection laws.
  • While every effort has been made to ensure the accuracy of the information in this product or service, to the maximum extent permitted by law all conditions, terms, representations, and warranties (in each case, whether express or implied) in connection with the provision of the Services which might otherwise be binding upon IDCARE are excluded.
  • IDCARE’S liability for any loss or damage suffered by any person or organisation (including, without limitation, any direct, indirect or consequential loss or damage) arising out of or in connection with the Services (including without limitation liability for any negligent act or omission, or statement, representation or misrepresentation of any officers, employees, agents, contractors or consultants of IDCARE) shall be limited to the fees paid by you to IDCARE in respect of the Services. For the avoidance of doubt, this limitation of liability extends to any liability arising from any actions performed or not performed as a result of any recommendations made in course of providing the Services.
  • The Services provided by IDCARE are intended to be provided solely to the initial recipient of this document or service and IDCARE will not be liable to any other person who may receive this document.

While every effort has been made to ensure the accuracy of the information in this alert, IDCARE disclaims any liability to any person in respect to any actions performed or not performed as a result of the contents of the the Services or any accompanying data provided. Wider dissemination may be permitted by authority in writing from IDCARE’s Managing Director. If you would like to provide feedback please use our Feedback Form.


IDCARE is here to provide you with specialist support and guidance when faced with a cyber and identity related issue. Contact one of our Identity & Cyber Security Case Managers to learn more about our Support Services and how we can help you.   

Get help

Submit a web request

Call Centre Icon


1800 595 160

Mon - Fri: 8am - 5pm AEST

QLD: 07 3555 5900
ACT & NSW: 02 8999 3356
VIC: 03 7018 2366
NT, SA & WA08 7078 7741

Call Centre Icon

call our NEW ZEALAND

0800 121 068

Mon - Fri: 10am - 7pm NZST

AKL: 09 884 4440