Got a LinkedIn account? The wealth of personal information on your profile might put you and your company at risk of being hacked.
In two recent attacks on Gmail and RSA, the hackers both used sneaky techniques and gathered information to send out what appeared to be trustworthy emails from co-workers. While it’s unknown where the hackers got their information, social media websites (particularly LinkedIn) are suspected as a potential source.
The average LinkedIn profile contains a large amount of personal information that could be used against you, including where you work and links to your colleagues’ profiles. In a recent case study reported on CNN.com, an online security consultant reported how he infiltrated a high-profile company’s private LinkedIn circle in a matter of days.
By creating a fake LinkedIn profile pretending to be a company employee, the consultant (Ryan O’Horo of IOActive) was able to send out 300 connection requests to company employees and received over 60 connections. His profile, loaded with realistic-sounding details (like his position and history), made him seem enough like an actual employee that many simply didn’t question whose request they were accepting. He then requested access to a private group, and his request was granted without the moderators confirming that he was an actual employee. From there, he posted a link on the group’s wall and got 87 hits within two days.
One employee figured out at that point that he was a fake, but the results of this case study are somewhat startling. While social media is a fantastic was to grow your business – and LinkedIn continues to be an invaluable tool for corporate networking – it’s important to know who you’re connecting with and who you’re letting into your work circle.
- Think twice about random connection requests.
- Do your homework before offering sensitive company information on your social media accounts.
- Stay on top of the news.
For more information on medical social media marketing and medical web design, visit us online.