LinkedIn mass hack attack triggers ransom demands

LinkedIn’s 930 million users are being urged to tighten up security on their accounts following a surge in hack attacks at the world’s largest professional social network, which has seen some users being forced to pay a ransom to get back online.

According to security vendor Cyberint, Google Trends shows searches for terms such as “LinkedIn account hack” and “breakout” spiking by up to 5,000% over the past 30 days, with users being locked out of their accounts, having them hijacked or even deleted.

Cyberint maintains that hackers are taking over accounts with weak security. Researcher Coral Tayar said: “Some users have been pressured into paying a ransom to regain control or faced with the permanent deletion of their accounts.

“While LinkedIn has not yet issued an official announcement, it appears that their support response time has lengthened, with reports of a high volume of support requests.”

There are two distinct methods of attack. The first is a temporary account lock in which victims receive an official email from LinkedIn notifying them of the security measure.

In these cases, the accounts are not compromised; suspicious activity or hacking attempts prompt the temporary lock. It means that hackers have attempted to get past two-factor authentication or have tried brute-force attacks on passwords, leading LinkedIn to block these attempts. Affected users are asked to verify their accounts, update their passwords, and regain access.

The second method is the full account compromise after which LinkedIn users are unable to recover their accounts independently.

The hackers’ tactic follows a specific process to ensure account restoration is impossible in these instances. They first gain access to the account and switch the user’s email address to another one; they then change the account password.

By changing the email address, hackers effectively prevent the victim from being able to restore their account via email, leaving the account irrecoverable.

Cyberint is urging users to log into their accounts and confirm their continued access promptly. Anyone who finds themselves locked out and unable to recover using their email should reach out to LinkedIn support immediately.

They should also check their email inbox for any messages from LinkedIn indicating the addition of an extra email to their account. If users do find such an email, they should consider it a significant warning sign.

Users should also use a strong, lengthy password that is unique to their LinkedIn account, avoid password reuse across platforms, and enable the two-step verification feature.

Unfortunately, it appears that hackers have always seen LinkedIn as an easy target. Back in 2012, more than 6.5 million files were stolen from the site in one attack; by 2021 the details of half a billion users were offered for sale online.

The company has also run into trouble over its targeted advertising practices. Parent Microsoft – which bought LinkedIn in 2016 – recently warned investors that it is facing a potential $425m GDPR fine but has vowed to “defend itself vigorously” against the claims.
