News: You could be exposing your personal information and corporate network to malicious actors.
Are you connecting with an executive or a hacker?
Are you allowing access to a wealth of information to a person you don’t even know?
If you don’t know the answer to these two questions then you must take heed of a warning today issued by Intel Security – approach strangers with caution when networking online as they might be hackers looking to take malicious advantage of the personal information available on sites like LinkedIn.
According to survey of 2,000 UK respondents, Intel Security found that more than one in five Brits (23.9%) have connected with someone they do not know on LinkedIn, while over two thirds (68.7%) of respondents admitted that they had never wondered if someone is not who they say they are on LinkedIn.
Raj Samani, CTO EMEA Intel Security, said ‘When a person in a similar industry to us, or a recruiter, requests to connect on LinkedIn, it may look harmless, but hackers prey on this as a means to target senior level professionals and ultimately the corporate network."
"Social networking sites are a treasure trove of data used by malicious actors in order to research potential targets for attacks, not only requesting to connect with senior executives but as many junior or mid-level employees at a company as possible."
"They then target senior level execs, using their existing connections with colleagues as proof of credibility by leveraging the principle of social validation. Once these connections are in place they can launch a targeted phishing campaign."
Although the risk of attack is very much real through sites like LinkedIn, it doesn’t seem that businesses are taking such threats seriously. The vast majority (87.1%) of those surveyed admitted that their employer had never made them aware of any specific corporate policies around LinkedIn use. With the rise of millennial in the workplace, this risk is ever more amplified – a staggering 71.5% of 18-24 year olds had never wondered if someone is not who they say they are on LinkedIn. This presents a significant risk to the corporate network.
Raj Samani warned that employees often expose their own accounts – and therefore their company data – to threats without realising it. "Businesses must educate all members of staff on how to avoid common scams, including making them aware of the risks of opening unknown attachments in messages or clicking on unknown links," said Samani.
"This sounds simple but phishing scams are growing rapidly. Companies are falling tricks by cybercriminals who get in contact using details skimmed from the Internet to legitimise their own fake profile in order to better target businesses."