New reports show many LinkedIn users have reported complaints about accounts being taken over by bad actors.
In a statement from Cyberint researcher Coral Tayar, "Some have even been pressured into paying a ransom to regain control or faced with the permanent deletion of their accounts."
5,000% increase in the last few months of search terms for LinkedIn hack or recover record
The reported complaints are on other social media forum platforms such as Reddit, Microsoft, and X with users expressing frustration due to the lack of response from the LinkedIn support team. Per Cyberint they have also seen an increase of 5,000% in the last few months of search terms for LinkedIn hack or recover record.
The access point cybercriminals are taking to infiltrate are through leaked credentials and/or brute-force to attempt to access a large number of LinkedIn accounts.
A high percentage of your C-level positions are using LinkedIn
If a user used strong passwords and/or two-factor authentication, it would only result in a temporary account lock. If your account was poorly protected, then cybercriminals can be able to quickly swap your listed email so then you can no longer have access. When a high percentage of your C-level positions are using LinkedIn—and almost everyone is—this hack could pose a huge risk for your org's reputation if the attack is successful.
It is highly recommended to enable 2FA, and tell your employees it's time to update their LinkedIn password to something unique and long, ideally a pass-phrase of 25 characters or more. New-school security awareness training teaches your users how to spot the red flags and provide frequent education that they can use to secure their social platforms.
More at Bleeping Computer.
Here's how it works:
