The Growing Threat: Understand the rising risk of LinkedIn account breaches and the potential consequences for your professional identity.
Cyberint researchers have revealed an extensive global campaign targeting LinkedIn users, where cybercriminals aim to take control of accounts and coerce victims. This assertion gains support from numerous pleas for help found on LinkedIn’s support page, previously known as Twitter’s X.com.
For example, on August 9th, a user expressed frustration: “Despite seeking aid, my compromised account’s recovery has made little progress. I suspect the hacker uses a fraudulent LinkedIn email to request my photo ID. I’m looking for direct human communication due to doubts about email credibility. Online searches for a contact number have been unsuccessful. I urgently need help.”
According to Google Trends data, Cyberint’s blog highlights a staggering 5000% surge in searches for “LinkedIn account hacked” and “LinkedIn account recovery,” underscoring the scale of this issue.
Researchers have identified cases where some victims face temporary account suspensions due to suspicious activities, prompting LinkedIn to block attackers. In these cases, users are guided to verify accounts, update passwords, and typically regain control. However, not everyone is as fortunate.
Malicious actors take complete control of compromised accounts, ensuring original owners can’t independently regain access. Once control is seized, attackers swiftly change the account’s linked email address. It’s worth noting that addresses created via the rambler.ru mail system are commonly used in these attacks.
By changing the email address, threat actors effectively prevent victims from restoring accounts via email, causing irreversible loss. Some victims receive ransom demands to regain access, while others witness total account deletion, as explained in Cyberint’s blog.
Researchers suggest that the rising number of complaints about LinkedIn breaches indicates a targeted and systematic campaign. While attackers’ motives remain unclear, stolen professional accounts present numerous opportunities for threat actors. This includes using hacked accounts for social engineering, extortion, and data collection.
“Hacked accounts can spread malicious content, erase contributions, or send damaging messages to connections, severely damaging an individual’s reputation,” the researchers emphasize.
To reduce the risk of LinkedIn account breaches, the researchers recommend various preventive measures. These encompass verifying ongoing account access, reviewing LinkedIn messages for changes to the primary account email, enhancing password security, and activating two-factor authentication.
Related stories:
