Social media site LinkedIn (NYSE:LNKD) is one of a few sites that have proven Facebook isn’t the end-all name in connectivity, using its professional niche as its ladder to success.
Unfortunately, it has a bug problem.
A CNN Money report says hackers are employing a method called “spear phishing,” in which they use information like where you work and who your co-workers are, then coordinate an attack to trick people into opening attachments that “appeared to come from trusted sources or colleagues.”
The story details an in-depth project from a managing security consultant, who created a fake LinkedIn account, pretending he was an employee of one of his customer companies. Before being caught three days into the experiment, he was able to connect to about 1,000 company employees, 87 of whom clicked on a link that supposedly was a “beta test sign-up page for a new project.”
A scary thought considering LinkedIn just cleared the 150 million-member mark in February, and considering two spear phishing attacks last year saw success against governmental officials and SecurID security tech maker RSA. And considering the job-seeking/hunting facets of the service, many users might find it difficult to draw a distinct line between restricting information for security’s sake and still providing enough information for potential future employers.
– Kyle Woodley, InvestorPlace Assistant Editor