If, like most recruiters, you rely heavily on a certain networking platform, you should be aware that there has been a huge increase in LinkedIn account hacking over the past 90 days. A colleague of mine experienced this in the past couple of weeks and it is still not resolved. It started when his Facebook account was hacked, with the hacker actively sending messages to his connections. Unfortunately, this led to the hackers accessing his LinkedIn account and effectively locking him out of it. Reporting it to LinkedIn has been a slog, with no real answers and his case being moved among multiple departments. Unfortunately, this activity is on the rise, with some users reportedly even having to pay the hackers a small ransom in order to regain control of their account. And in some cases, the lockout appears to be permanent, leaving a user with no ability to ever regain access to their account, followers, content, etc.
This gives me an opportunity to use one of my favorite phrases: “Never build on rented land.” In much the same way as you wouldn’t build a deck or addition to a house you are renting, it’s also unwise to build your digital assets on rented land, e.g. LinkedIn. If you find yourself the unfortunate victim of LinkedIn account hacking, you can easily lose years of activity and connections, especially if the only way you are connected is through LinkedIn. The same is true if LinkedIn decides to change its terms of service, sunsets a feature, or makes any change that impacts your ability to do business as usual. So my first advice is to make sure you are building connections outside of the LinkedIn ecosystem. You can do this via lead capture forms on your website, offering gated content that is shared after an email address is provided, direct mail, phone calls, and more. What’s important is that your contacts and content are in an environment that you own and control, and that has appropriate security measures in place.
So, what can you do to protect yourself against hacking? The best advice continues to be:
- Have better, stronger passwords – consider using a passphrase that is at least 12 characters long, with a mix of upper- and lowercase letters, numbers and special characters.
- Update your passwords every 3-6 months
- Don’t use *any* personal data—no pets, birthdays, anniversaries, street names, etc.—in your passwords
- Use unique passwords on every site—which makes it harder for hackers to access multiple accounts
- Enable 2FA (two-factor authentication)—yes, it’s a pain in the neck, but not nearly as painful as getting locked out of your accounts
- Don’t accept weird connections, don’t click on links that come to you in messenger apps, and be wary of other odd behavior
Be especially careful about using open wifi networks in airports or other public places. Make sure you log out of your accounts if you access them publicly. While it’s unlikely there will ever be a way to totally eliminate hacking, taking strong steps to safeguard your data is the best way to reduce your risk. As someone wise once said, “The best defense is a good offense.”
“Don’t accept weird connections”. A very interesting reminder of a key precaution I tend to forget on a daily basis, given the barrage of requests from all sorts of vendors I receive every hour. Highly recommended.
🤣🤦🏻♀️ Glad to be of service!
Thanks for posting this!
Definitely educational!