Skip to main content
Someone from Bardstown, Kentucky has just been trying to log into my LinkedIn account using credentials leaked from elsewhere, and I'm here chuckling about the little they would stand to gain from this fraudulent access. What's the endgame for compromised LinkedIn accounts? #InfoSec
#infosec
Hypolite Petovan
Hypolite Petovan  
"We hold your LinkedIn account hostage, here's $10 to get it back, poor guy"
Hypolite Petovan
Hypolite Petovan  
@Doug Levin Fair guess, but in my case I'm only connected to a few people I have other ways of contacting, and a small bunch of former co-workers who do not care about me anymore at all.
@Doug Levin
Hypolite Petovan
Hypolite Petovan  
@Doug Levin I understand, fortunately I don't have a prominent professional position so it's unlikely it would make any waves.
@Doug Levin
A Sweet Gentleman
A Sweet Gentleman  
Honest question: Is LinkedIn still a useful tool to find a job?
Hypolite Petovan
Hypolite Petovan  
@A Sweet Gentleman I found my current job via LinkedIn back in 2014, so I'd be hard-pressed to tell you if it is still useful, hopefully I won't have to actually figure it out anytime soon.
@A Sweet Gentleman
Brad Koehn ☑️
Brad Koehn ☑️  
It’s easier to phish when the victim knows thinks they know you.
Shaun Griffith
Shaun Griffith  
@Hypolite Petovan Maybe now is the time to dis your fav targets, get banned, then say you were hacked?
@Hypolite Petovan
Cătă
Cătă  
They can hack my account all the time they want. If they break and leak my password, they'll have to also pass the almighty 2FA code request.
Hypolite Petovan
Hypolite Petovan  
@The Cybersecurity Librarian :donor: Oof, ok, that one would hurt personally, given how vocal I have been against web3 bullshit in the past.
@The Cybersecurity Librarian :donor:
🆘Bill Cole 🇺🇦
🆘Bill Cole 🇺🇦  

The endgame is almost always #spam. LI accounts frequently have complete copies of their owners' professional address books, a valuable set of mostly high-quality addresses.

Very rarely (all day every day, but only to a tiny percentage of people) they are going after the account owner specifically or hitting contacts of their primary target to impersonate them.

#InfoSec

#spam #infosec