Intel Security is urging organisations, including charities, to educate employees about the dangers of over-sharing on LinkedIn after new stats claimed nearly a quarter of UK employees have connected to someone they don’t know on the social site.
The security firm polled 2,000 18 to 54-year-olds and found that over one in five had allowed a stranger to access their details by accepting a connection request.
In addition – and perhaps more concerning – is the fact that over two-thirds (68.7%) admitted they had never wondered if someone is not who they say they are on the business networking site – a figure which rose to 71.5% in the 18-24-year-old age category.
Intel says hackers are increasingly looking to sites like LinkedIn to harvest information on employees and their roles within a company, which they can then use to make spear phishing attacks – often the first stage in a targeted attack. The security firm adds that these attacks could lead on to whaling attacks – where scammers typically email a member of the finance team pretending to be a CEO or CFO and requesting the transfer of funds outside the organisation to an account in another country.
Often the cyber-criminal will pretend to be a recruiter or someone else in the same or similar industry, which can be enough to trick victims into accepting the connection request, explained Intel Security EMEA CTO, Raj Samani.
“Social networking sites are a treasure trove of data used by malicious actors in order to research potential targets for attacks, not only requesting to connect with senior executives but as many junior or mid-level employees at a company as possible,” he added.
“They then target senior level execs, using their existing connections with colleagues as proof of credibility by leveraging the principle of social validation. Once these connections are in place they can launch a targeted phishing campaign.”
Samani urged organisations to include LinkedIn security and privacy tips in employee awareness and training programs in a bid to counter the threat.
Half of charities surveyed said they do not have a digital strategy and only 9% said they have been through digital transformation and embedded it
NHS Digital working with the Good Things Foundation to help thousands more citizens improve their digital health skills
Instead of using Excel or Access, charities with less than £200,000 in revenue can request a donation of DonorPerfect Online, a solution designed exclusively for fundraising and donor management
Charities are being reminded of the need for secure mobile working policies