Research demonstrates how a willingness to connect to strangers on LinkedIn might be putting your company at risk.
For many LinkedIn is a handy way of keeping up with old colleagues and maybe even finding a new job — and many think that the bigger their network of contacts, the better.
So if a contact request comes in from a recruiter, even one they had never heard of before, many might think there would be little harm in accepting.
But what if that wasn’t a recruiter, but rather a hacker using a fake profile in order to gain access to you, your contact details, and the rest of your network? In connecting you’ve potentially put yourself and your company at risk of being hacked, breached, or otherwise targeted by cybercriminals.
Certainly people are often more than willing to accept a request from a complete stranger to join their network on LinkedIn.
In fact, according to a survey of 2,000 people by cybersecurity researchers at Intel Security, nearly one quarter (24 percent) say they’ve connected to someone they don’t know on LinkedIn, thus potentially allowing hackers to access to a wealth of information which could be used for spear-phishing, malware drops, and other nefarious means.
“We’re opening ourselves up to the world without any real consideration with regards to who we’re allowing on our network,” Raj Samani, CTO of EMEA for Intel Security.
Once provided with access to a person’s network, malicious actors are able to gather data and research potential targets for attacks, potentially even eventually connecting up to senior executives and CEOs.
If a hacker successfully gains access to the contact details of an executive, they could potentially use the trust associated with someone in a senior position to carry out fraud and other criminal activities.