LinkedIn’s Support in Question as Account Breaches Surge

Reading Time: ( Word Count: )

August 16, 2023
Nextdoorsec-course

LinkedIn has recently become the center of attention due to a series of account breaches. These breaches have either led to users being temporarily locked out for safety measures or, in more severe cases, attackers taking full control of the accounts.

Cyberint’s latest report highlights a growing number of LinkedIn users voicing their grievances over the unauthorised takeovers and subsequent lockouts. What’s more alarming is the perceived inadequacy of LinkedIn’s support in addressing these concerns. Coral Tayar, a researcher at Cyberint, notes, “Despite the absence of an official statement from LinkedIn, there’s a noticeable delay in their support responses, possibly due to an inundation of help requests.”

Discussions on platforms like Reddit, Twitter, and Microsoft forums reveal users’ frustrations with LinkedIn’s purported slow or non-existent support response. One user recounted on Reddit, “Within a week, my account was compromised. I found my email altered overnight without any alert. Despite my numerous attempts, LinkedIn hasn’t addressed my concerns.”

Also Read: Cyberthreats on Social Media: The Rising Risk to Small Businesses

Furthermore, Cyberint has pointed out an intriguing pattern on Google Trends. Searches related to ‘LinkedIn account hacks’ or account recovery surged by a staggering 5,000% in recent months.

The attackers seem to employ two main methods: using previously leaked credentials or brute-force attacks, targeting a plethora of LinkedIn accounts. The platform responds by temporarily locking accounts that have strong passwords or two-factor authentication (2FA) when they detect multiple unauthorized access attempts. Subsequently, these account owners need to validate their identities and update their passwords to regain access.

Notably, when the attackers manage to breach weaker accounts, they swiftly shift the associated email to one from the “rambler.ru” domain. They then reset the password, blocking the legitimate owner’s access. Some victims also discovered that the attackers activated 2FA post-hijack, adding another layer of complexity to the recovery process.

Cyberint observed that in some instances, hackers demanded ransoms for account retrieval, while in others, they simply deleted the accounts without any demands. LinkedIn profiles are gold mines for tactics such as social engineering, phishing, and fraudulent job offers, sometimes resulting in extensive cybercrimes. Given LinkedIn’s recent efforts to counteract fake profiles and deceptive activities, hackers now find it more advantageous to seize existing accounts. For LinkedIn account holders, it’s crucial now more than ever to enhance security settings. Adopting 2FA and setting a unique, robust password is strongly recommended.

Saher

Saher

Author

Saher is a cybersecurity researcher with a passion for innovative technology and AI. She explores the intersection of AI and cybersecurity to stay ahead of evolving threats.

Other interesting articles

Zero Tolerance: How to Stop Phishing Emails Once and For All?

Zero Tolerance: How to Stop Phishing Emails Once and For All?

In an age where email remains one of our primary modes of communication, the onslaught of spam emails and ...
Cisco Amplifies Cybersecurity Footprint with $28 Billion Splunk Acquisition

Cisco Amplifies Cybersecurity Footprint with $28 Billion Splunk Acquisition

On Thursday, Cisco made headlines by announcing its intent to buy Splunk, a renowned cybersecurity software ...
Revealing the Most Common Types of Phishing Attacks in 2023

Revealing the Most Common Types of Phishing Attacks in 2023

In the vast ocean of the internet, while most fish are friendly, there are some out to get you. They'll try to ...
GitHub Embraces Device-Linked Passkeys for a More Secure User Experience.

GitHub Embraces Device-Linked Passkeys for a More Secure User Experience.

GitHub has today announced the widespread availability of passkeys across its platform, offering an enhanced ...
0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *