System admins hold the keys to the kingdom. The NSA is actively hunting for system admin credentials. A popular way to get you to click on something that installs zero-day malware on your admin workstation is to have you respond to a nice holiday wish card that carries malware.
These are easy to send and social engineering is not hard to do on LinkedIn. There are tons of bogus honeytrap profiles out there with pretty looking models that were cut straight out of the Banana Republic website. Here is an example of how this can look.
First things first. You need to be highly critical who you agree to link with as a system admin. For instance, it's all too easy to say yes to a pretty looking recruiter that later turns out to be a black hat who sends you a zero day that infects your workstation.
Next, make sure that you check with people if it was them who send you this thing you did not ask for. You need a healthy dose of skepticism and paranoia if you hold those domain passwords. Just remember the horror story admin workstation that got hit with CryptoWall and killed seven servers.
Administrators, especially at this time of year, Think Before You Click !!
