Recently, we have seen influx of cyber attacks(targeted) via email (both Corporate and personal) and direct messages including SMSs to their mobile numbers. Looking at the nature of these attacks are mainly consists of social engineering nature and often impersonation attacks e.g CEO Phishing email.
Insights from the malicious activity data points us to the fact that people's information were gathered from LinkedIn profiles resulting in identity theft and financial loss. Also, we have also found fake LinkedIn profile setup to infiltrate professional networks and thus by positioning themselves closer to the enterprise network edge.
In my view, identify theft of 24% is hugely under reported as suggested in the report mentioned above.
I am curious to understand what is LinkedIn doing to make sure it's users are safe and personal data stored are not available to threat actors to gather and cross-pollenate against other meta data.
Can I suggest a dedicated cyber-awareness learning module to be available to all LinkedIn members irrespective of paid subscription or not? Topic to include would be general guidance on current cyber threat landscape in view of identity theft and of course how to make your LinkedIn profile more secure.