We get it: you might need to use LinkedIn for job searches, networking, or directly for your work. đŒ
But it also gets used by scammers to collect information useful for social engineering attacks. đ
If youâve noticed a big uptick in scam emails, phone calls, and text messages in the past few months, youâre not imagining it â weâve noticed it, too. đ
And as weâve added new members to our team, one particular type of scam has caught our eye: CEO impersonation scams. đ©âđŒ
â
CEO impersonation scams are a type of social engineering attack designed to gain money from the attackâs target or the the targetâs employer. The targets of these scams are usually new employees, who are less familiar with their new organizationâs structure. The scammers contact the employee over text or email pretending to be the CEO or another leader in the company with an urgent request.
Scammers and fraudsters manage to find out about peopleâs new employment shockingly quickly. One of the tools they use to find out about new hires is LinkedIn.
For some people, being easy to find and active on LinkedIn is important for their work. For others, having a strong LinkedIn profile is necessary to stand out in a competitive job market. Whether you use LinkedIn every day or you havenât thought about your profile in years, your LinkedIn profile and the personal information you provided when you made it might be accessible to others.
Usually, the people who use your LinkedIn profile to contact you are salespeople, recruiters, or others with outward facing roles. They combine LinkedIn with other tools and contact databases to figure out your contact information and get in touch. While itâs annoying to have your inbox clogged by spam, itâs not dangerous â but that can change quickly when people with bad intentions use those same tools.
Scammers and fraudsters can use these tools to send emails and text messages, such as phishing attacks or messages for the CEO impersonation scam we mentioned before. In the worst case, attackers and harassers can use these tools to find your contact information for their harassment campaigns.
LinkedIn offers a lot of granularity in their âvisibilityâ settings, so you donât have to lose the benefits of your public LinkedIn profile to protect yourself. Below, weâll show you how to restrict access to your information on LinkedIn so that scammers and strangers donât flood your inboxes.
Before you get started adjusting your LinkedIn settings, you should be familiar with some basic terms: When you connect with someone on LinkedIn, LinkedIn calls those people â1st degree connections.â People you arenât connected to directly, but with whom you share some mutual connections, are called â2nd degree connections.â In more familiar terms, your LinkedIn âfriendsâ are called 1st degree connections, and âfriends of friendsâ are called 2nd degree connections.
When youâre adjusting your settings, your risk level will help you decide how protected youâd like to be. If youâre at high risk of experiencing online attacks and harassment or have been targeted for scams and phishing attacks lately, you might choose to restrict some or all of your informationâs visibility to the most protected options: âOnly visible to meâ or â1st degree connectionsâ. If your risk level is lower, choosing the option â1st degree or 2nd degree connectionsâ lets you keep some of the benefits of a more widely visible account while still limiting how much of your information is shown to strangers. And finally, the option âAnyone on LinkedInâ allows anyone signed in to their LinkedIn account to view your information.
Your profile settings may allow LinkedIn to directly share your profile information with third party services and applications. This allows LinkedIn to share user data in bulk with business contact databases and other services. To opt out, adjust your LinkedIn data sharing settings here.
Your public LinkedIn profile is what people who arenât signed in to LinkedIn see when they look at your profile. Usually, they find your profile with the help of a search engine like Google. By adjusting your public profileâs visibility settings, you can control what parts of your LinkedIn profile these strangers can see. You can even choose to keep them from viewing your LinkedIn profile at all by switching your profileâs public visibility to off. Adjust your LinkedIn profileâs public visibility here.
In your visibility settings for your email addresses, youâll be able to control who can see your email address. To keep your contact information from being added to business contact databases, we recommend against having your email addresses visible to âAnyone on LinkedIn.â
At the bottom of this page, youâll see a setting called âAllow connections to export emailsâ. Toggle this setting to the off position to prevent your information from being exported to third party tools and contact databases.
Depending on your visibility settings, strangers who have found your email address might be able to use that information to find your LinkedIn profile. Business contact databases often maintain applications or browser extensions that help automate this process using their database of contact information. To limit who can use your email address to find you on LinkedIn, adjust your âDiscover by emailâ settings here.
Your visibility settings may also allow strangers to use your phone number to find your LinkedIn profile. Just like with your email address, business contact databases help automate this process using their database of contact information. To limit who can find your profile using your phone number, adjust your âDiscover by phoneâ settings here.
In this blog post, weâve highlighted the most important settings for keeping scammers and fraudsters from taking advantage of your LinkedIn account â but LinkedIn has many more options for controlling your profileâs visibility. Reviewing all the options can feel overwhelming, but if youâre feeling the LinkedIn energy, itâs great to know who can see what you share on LinkedIn. You can review your other LinkedIn visibility settings here.
While taking steps to make your information harder for scammers to find will decrease the amount of scams targeting you, youâll probably still receive some scam messages and phishing attacks. You can protect yourself from stray suspicious messages and calls when you receive them by checking in with yourself. Ask yourself if the message or call is designed to make you feel anxious, hurried, stressed, or afraid. If it is, it might be a scam.
â
