With over 740 million members worldwide, LinkedIn is one of the most popular professional networking platforms. Like any online platform, LinkedIn accounts are vulnerable to hacking. In this article, we’ll explore the ways a LinkedIn account can be compromised and steps you can take to protect your account.
How LinkedIn Accounts Get Hacked
There are a few common methods hackers use to gain access to LinkedIn accounts:
- Phishing – Hackers send fake LinkedIn login pages via email to steal usernames and passwords. These emails often look like they’re from LinkedIn to trick users.
- Malware – Malicious software installed on a device can steal login credentials entered into LinkedIn.
- Password Guessing – Hackers use automated tools to guess weak passwords on LinkedIn accounts. Common passwords are easily cracked.
- Data Breaches – When a third-party site that stores passwords is breached, hackers gain password lists to try on other sites like LinkedIn.
- Session Hijacking – Hackers intercept the communication between LinkedIn and a user’s browser to steal the session cookie and access the account.
What Hackers Do Once They Access an Account
Once hackers gain access to a LinkedIn account, there are a few typical activities they engage in:
- Spamming – Hackers mass message LinkedIn connections with spam, scams, or malware links.
- Scraping Data – They harvest personal info, connections, company details, and other data from the account and connections.
- Spear Phishing – Leverage account connections and credibility to conduct targeted phishing attacks.
- Spreading Malware – Post malware-laced links on the account to infect connections.
- Hijacking Identity – Change profile details to impersonate the account owner for fraud.
Steps to Protect Your LinkedIn Account
Fortunately, there are steps every LinkedIn user can take to strengthen account security:
- Unique Password – Have a long, complex password that is unique to LinkedIn and not used on other sites.
- Two-Factor Authentication – Enable two-factor authentication or two-step verification for an extra layer of security.
- Review Connections – Periodically review connections and remove any suspicious or unknown accounts.
- Privacy Settings – Adjust privacy configurations so your profile and data are not entirely public.
- Log Out Sessions – Log out all sessions to force reauthentication everywhere you’re logged in.
- Monitor Activity – Routinely check LinkedIn notifications and account activity for anything suspicious.
How to Tell if Your LinkedIn Account is Hacked
Here are some signs that may indicate your LinkedIn account has been compromised:
- Login notifications from unknown locations
- Posts or messages you didn’t create
- Profile changes you didn’t make
- New connections you didn’t approve
- Password reset emails you didn’t initiate
- Notifications about unrecognized logins or devices
- Spam messages sent from your account
What to Do if You’re Hacked
If you suspect your LinkedIn account has been hacked, take these steps immediately:
- Change your password – Use a new complex password.
- Remove unauthorized changes – Delete posts, connections, etc. made by hackers.
- Alert connections – Let your network know of suspicious activity.
- Check for malware – Scan devices used to access LinkedIn for malware.
- Enable two-factor authentication – Add an extra verification step for logins.
- Log out all sessions – Force all devices to reauthenticate.
- Contact LinkedIn – Report hacked account and request help restoring access.
Can LinkedIn Help Recover Hacked Accounts?
If an account is hacked, LinkedIn does have measures in place to help users regain access:
- Reset password – LinkedIn can initiate a password reset upon request.
- Restore access – Verifying identity documents may allow access recovery.
- Remove changes – LinkedIn can eliminate unauthorized profile and account changes.
- Deactivate account – Temporary deactivation may help secure a compromised account.
- Investigate issues – LinkedIn security specialists can look into suspicious activity.
However, the extent of LinkedIn’s capability to undo hacking damage depends on the severity of the incident.
Best Practices to Avoid Being Hacked
Employing strong LinkedIn security habits goes a long way in preventing your account from being compromised:
- Unique complex password – Don’t reuse passwords across sites.
- Two-factor authentication – Add an extra login step with a code from your phone.
- Avoid public Wi-Fi – Use a VPN on open networks to encrypt traffic.
- Address phishing – Identify and delete suspicious emails.
- Update software – Maintain current operating systems and security patches.
- Limit info sharing – Be wary of what account data you make public.
- Logins via app – Use the LinkedIn mobile app for added security.
Conclusion
While no online account is hack-proof, following cybersecurity best practices greatly reduces the risk of having your LinkedIn account compromised by hackers. Enabling two-factor authentication, using strong unique passwords, and monitoring account activity can help keep your account secure.