LinkedIn users around the world are falling victim to a wave of hacking attacks, with hackers demanding ransoms and threatening permanent deletion of accounts. The campaign, which has seen a significant surge in the past 90 days, is causing concern among LinkedIn users who have noticed the high volume of support requests and a lengthening response time from LinkedIn’s support team.
According to a recent report published by cybersecurity firm Cyberint, the number of account hacks on LinkedIn has been on the rise recently. Social media conversations and Google search queries such as “LinkedIn account hacked” and “LinkedIn account recovery” have seen a substantial increase, indicating that users are facing various security issues on the platform.
While LinkedIn has not publicly commented on the situation, users have expressed their frustration on various online platforms. One user, who fell victim to a hack, criticized the platform for its lackluster security system and the absence of any response from LinkedIn to address the issue.
However, some reports suggest that LinkedIn has taken action in certain cases. In these scenarios, LinkedIn temporarily locks users’ accounts due to suspicious activity or hacking attempts. The platform then notifies the users and asks them to verify their accounts and update their passwords to regain access. This suggests that LinkedIn is aware of the ongoing account-related activity and is taking steps to mitigate the impact on its users.
Unfortunately, there is another scenario in which victims’ LinkedIn accounts are fully hacked, making it impossible for them to independently recover their accounts. In this case, the attackers gain access to the account, change the associated email address, and alter the password. This makes it difficult for the victims to recover their login details, as the email address linked to the account is no longer theirs.
Some victims have reported receiving ransom messages, demanding small amounts of money in exchange for regaining access to their accounts. Others have witnessed their accounts being deleted entirely. These actions by the attackers highlight the potentially damaging consequences for LinkedIn users who fall victim to these account takeovers.
LinkedIn has faced similar security challenges in the past. Last year, it was identified as the most abused brand in phishing attempts due to its recognizability and widespread use in the corporate world. In June of this year, North Korean hackers were discovered using fake LinkedIn profiles to target security researchers in a phishing campaign. LinkedIn has also been targeted in spear-phishing campaigns aimed at taking over Facebook Business accounts for malicious purposes.
The motive behind the recent account takeover campaign remains unclear. However, compromised LinkedIn profiles can be used for various malicious activities. Attackers can socially engineer phishing campaigns by impersonating trusted colleagues or supervisors, access valuable information from conversations between business colleagues, and even cause reputational damage by posting malicious content or sending damaging messages to connections.
To address these threats, cybersecurity experts advise LinkedIn users to promptly log in and confirm their account access. It is also essential to ensure that all contact information within the account is accurate and to contact LinkedIn immediately if access is lost and email recovery is not possible. Strengthening password security and enabling two-step verification, which LinkedIn and other platforms offer, can further enhance account security.
In conclusion, the recent wave of LinkedIn account hijackings is a cause for concern among users. As the number of account hacks continues to rise, LinkedIn needs to respond promptly to address these security issues and enhance its system to protect the privacy and security of its users.