In recent years, there has been an increase in reports of LinkedIn accounts being hacked or compromised in some way. This has led many LinkedIn users to wonder – just how safe are their accounts, and what can be done to better protect them? In this article, we’ll explore the main ways hackers can gain access to LinkedIn accounts, look at some of the telltale signs your account may have been compromised, and provide tips on how to strengthen your LinkedIn security.
How do hackers access LinkedIn accounts?
There are a few primary ways cybercriminals can gain entry to LinkedIn accounts:
- Phishing attacks – The hacker sends an email pretending to be from LinkedIn, asking the user to click a link and re-enter their login details. However, the link actually takes them to a fake login page controlled by the hacker to harvest account credentials.
- Password hacking – Criminals are able to crack weak passwords using password hacking tools, gaining access to accounts. LinkedIn breaches – In 2012 and 2016, LinkedIn suffered data breaches exposing millions of user emails and passwords. Compromised credentials from these breaches may still be exploited.
- Malware/spyware – Malicious software secretly installed on a device can record keystrokes and other information as a user types, potentially capturing account details.
- Accessing linked accounts – If a hacker gains entry to another online account linked to your LinkedIn, they may be able to leverage this to get into LinkedIn as well.
Of these, phishing is one of the most common attack vectors hackers use to infiltrate LinkedIn accounts. The social engineering tactics take advantage of unwary users.
Are there signs your LinkedIn account has been hacked?
Sometimes a LinkedIn account compromise occurs without the user realizing. However, there are some telltale signs that your account may have fallen victim to hackers:
- Unusual login locations – You may get notifications of logins from places you don’t recognize.
- Unknown connections – Strangers may be added to your connections.
- Suspicious messages – Odd messages being sent from your account to your connections.
- Profile changes – Changes made to your profile, like new work history or education.
- Spam posts – Spam links or posts shared from your account.
Even a single suspicious sign like this warrants further investigation. Review your account’s settings, security options, and recent activity for anything that seems off.
How can I better protect my LinkedIn account?
Fortunately, there are steps you can take to strengthen your LinkedIn security to prevent your account from being compromised:
- Strong unique password – Create a long, complex password just for LinkedIn. Don’t reuse passwords.
- Turn on 2FA – Enable two-factor authentication for an extra layer of security.
- Review settings – Adjust your security settings, like trusted device recognition.
- Be wary of red flags – Watch for phishing emails, odd posts, etc.
- Use Login Notifications – Get alerts on logins to monitor account access.
- Revoke unauthorized sessions – If your account is compromised, revoke any unknown sessions.
It’s also critical to be cautious and use good cybersecurity habits in general when online – threats like malware can impact the safety of your LinkedIn login details.
What should you do if your account is hacked?
If you confirm your LinkedIn account has fallen victim to hackers, take these steps right away:
- Reset your password – Change your password immediately to lock the hackers out.
- Remove unauthorized connections – Delete any strange connections from your account.
- Scan devices for malware – Check your devices for spyware or keyloggers that may have stolen your information.
- Enable two-factor authentication – If not already on, enable 2FA for improved security.
- Revoke account sessions – Revoke any unknown or suspicious sessions.
- Notify contacts – Alert your connections to disregard suspicious messages from your account.
- Contact LinkedIn – Report the account hack to LinkedIn so they can investigate.
Taking swift action limits the potential damage and stops the hackers from having continued access. Make sure your account is fully secured before resuming normal use.
Data on LinkedIn account hacks
While LinkedIn has not provided statistics specifically on account hacks, data breaches give some indication for the scale of compromised credentials:
Year | LinkedIn Data Breach | User Accounts Impacted |
---|---|---|
2012 | LinkedIn data breach | 6.5 million user credentials stolen |
2016 | LinkedIn and Tumblr breach | 117 million emails and passwords leaked |
Given billions of credentials from various sites are easily available to hackers online, it’s reasonable to assume that large numbers of LinkedIn accounts remain vulnerable to credential stuffing or brute force login attempts.
How to check if your email was involved in a LinkedIn breach
To see if your LinkedIn account credentials may have been compromised in a breach, you can check haveibeenpwned.com. This free service aggregates credentials from many data breaches, and lets you search by email address to see if your email is included in any breaches they have records of.
Simply enter your email address used for your LinkedIn account and it will indicate if that email was involved in any known data breaches. If so, hackers may have access to that password, and you should change it immediately.
Conclusion
LinkedIn account hacks and compromises appear to be growing more common as hackers take aim at the platform. However, LinkedIn users can take key steps to detect unauthorized access and secure accounts. This includes enabling enhanced security options, using strong unique passwords, monitoring account activity, and revoking sessions if an account breach does occur. Remaining vigilant against phishing attempts and using sound cyber hygiene is also critical to safeguarding your LinkedIn account.