top of page

Your LinkedIn account may be at risk from cyber criminals

The Police Cyber Security Company – the National Management Centre - has added its voice of concern to the ongoing media reports that LinkedIn may be experiencing one of its most significant cyber hacks to date.

Linkedin logo with a hacker sat behind

Image credit: Budrul Chukrut / Shutterstock.com


Over the past few weeks large numbers of users have reported being locked out of their accounts and many have reported account hijacks and takeovers. The implication is that there is an ongoing campaign by threat actors to obtain and take over a mass number of LinkedIn accounts.


Whilst LinkedIn have not officially confirmed this, cyber analysts have noted that search terms such as 'LinkedIn account hacked’, 'LinkedIn account recovery' and 'breakout' rose by up to 5000% in the past week. There has also been a steady rise of complaints on forums across the net with many users citing LinkedIn’s failure to respond to calls for help.


The attackers appear to be attempting to gain control of a large number of LinkedIn accounts by using leaked credentials or brute forcing. While the type of accounts being targeted do not appear to be connected, the effect of the takeover attempts can lead to temporary lockout for account holders – something which many users are currently experiencing. LinkedIn account holders using multi-factor authorisation and strong passwords appear to be able to recover their account after a period of time has elapsed.


However, users without these security protocols are reporting having lost their accounts altogether. Once they have gained access to the account, the criminals will quickly replace the host e-mail with one of their own, locking out the legitimate owners permanently. Whilst the motive behind this current campaign is unclear, some users report being asked for a small ransom payment, so there may be a financial motivation.


Pundits have also commented on the fact that fake and hacked LinkedIn accounts are often used to launch credible phishing and malware attacks. In December 2022, over 100 million fake accounts were closed by LinkedIn and Meta, and with this opportunity being removed, it remains a distinct possibility that cybercriminals could be forced to shift towards compromising legitimate accounts.


What should I do if I have a LinkedIn account?

As stated at the top of the article, there is no confirmation from the host company itself that a large-scale campaign is underway, but their silence, along with the surrounding circumstantial information suggests that now is not the time do nothing.


If you have a LinkedIn account, now is a good time to review your security settings, enable 2FA, and switch to a unique and long password. Go to your LinkedIn security settings page to find out more.


Secondly, users are encouraged to monitor their inbox for LinkedIn notifications that a new email address has been associated to their LinkedIn account, this is an indicator that a compromise is taking place. Also, if you have been hacked, make sure to report to LinkedIn and also to Action Fraud (see below)


If you would like further guidance about how you should protect yourself online then simply join the Eastern Cyber Resilience Centre, a police-led company, for free today. We will help you understand the fundamentals of cyber security and what you should be doing today to protect your accounts.


How to report a cyber attack

Report all Fraud and Cybercrime to Action Fraud by calling 0300 123 2040 or online. Forward suspicious emails to report@phishing.gov.uk. Report SMS scams by forwarding the original message to 7726 (spells SPAM on the keypad).


Comments


The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of The Cyber Resilience Centre for the East is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others. Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. The Cyber Resilience Centre for the East provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us.

The Cyber Resilience Centre for the East does not accept any responsibility for any loss which may arise from reliance on information or materials published on this document. The Cyber Resilience Centre for the East is not responsible for the content of external internet sites that link to this site or which are linked from it.

bottom of page