- On LinkedIn you display your professional experience and achievements on your profile.
- Abuse Occurring via LinkedIn: Emails and related contact details are accessible on LinkedIn.
- This may be influenced by the level of access afforded to users – for example, premium service recipients are able to send messages direct to a certain number of prospective connections.
- LinkedIn has become a popular platform to for recruitment, subsequently attracting employment scammers.
- LinkedIn experienced a data breach in 2016 in which usernames and passwords were exposed.
- Go to Linkedin’s privacy settings and review who can access your contact information.
- Ensure your email and LinkedIn account have strong and separate passwords – If a scammer can access one, they can access both.
- Do your research on individuals wanting to contact you about a job opportunity.
- Don’t match with connections you do not know or do not trust.
- Review the type of information you post about yourself. You don’t need to share your full name and date birth. Never share credential information, such as images of licences and passports.
- Always use anti-virus and be careful to only access social media on trusted Wi-Fi.
- Check and download LinkedIn updates.
Detection & Response
- Invitations to connect with unknown people who send emails containing links aimed at directing you away from the LinkedIn in order to facilitate deceptive engagement.
- Fake Jobs / Money laundering where job opportunities are made by criminals that are administrative, requires a person to transfer money (often overseas), and may even demand an ‘Application Fee’ is paid.
- Receiving unsolicited emails with a .zip file attached that may contain malware/Trojans that can steal your data.
- Receiving unsolicited emails seemingly target towards your profession/interests, these may be phishing emails.
- Forward or send a screenshot of any suspicious emails/messages to email@example.com
- Download and run the latest anti-virussoftware.
- Change your Linkedin password, preferably from another device.
- Remove or block the connection who sent the suspicious email/message.
- Delete suspicious emails from your account.
For more facts of social media security please see our other Social Media Fact Sheets.
Identity Care Australia & New Zealand Ltd (IDCARE) provides identity and cyber security incident response services (the Services) in accordance with the following disclaimer of service:
IDCARE is Australia and New Zealand’s national identity and cyber incident community support service. We are a not-for-profit charity.
- The Services provide do not constitute legal advice. IDCARE recommends that you consult a solicitor in relation to your legal rights and obligations, including but not limited to your legal rights or obligations under Australian and international privacy and data protection laws.
- While every effort has been made to ensure the accuracy of the information in this product or service, to the maximum extent permitted by law all conditions, terms, representations, and warranties (in each case, whether express or implied) in connection with the provision of the Services which might otherwise be binding upon IDCARE are excluded.
- IDCARE’S liability for any loss or damage suffered by any person or organisation (including, without limitation, any direct, indirect or consequential loss or damage) arising out of or in connection with the Services (including without limitation liability for any negligent act or omission, or statement, representation or misrepresentation of any officers, employees, agents, contractors or consultants of IDCARE) shall be limited to the fees paid by you to IDCARE in respect of the Services. For the avoidance of doubt, this limitation of liability extends to any liability arising from any actions performed or not performed as a result of any recommendations made in course of providing the Services.
- The Services provided by IDCARE are intended to be provided solely to the initial recipient of this document or service and IDCARE will not be liable to any other person who may receive this document.
While every effort has been made to ensure the accuracy of the information in this alert, IDCARE disclaims any liability to any person in respect to any actions performed or not performed as a result of the contents of the alert or any accompanying data provided. Wider dissemination may be permitted by authority in writing from IDCARE’s Managing Director. If you would like to provide feedback please use our Feedback Form.