Intel Security is urging organisations, including charities, to educate employees about the dangers of over-sharing on LinkedIn after new stats claimed nearly a quarter of UK employees have connected to someone they don’t know on the social site.
The security firm polled 2,000 18 to 54-year-olds and found that over one in five had allowed a stranger to access their details by accepting a connection request.
In addition – and perhaps more concerning – is the fact that over two-thirds (68.7%) admitted they had never wondered if someone is not who they say they are on the business networking site – a figure which rose to 71.5% in the 18-24-year-old age category.
Intel says hackers are increasingly looking to sites like LinkedIn to harvest information on employees and their roles within a company, which they can then use to make spear phishing attacks – often the first stage in a targeted attack. The security firm adds that these attacks could lead on to whaling attacks – where scammers typically email a member of the finance team pretending to be a CEO or CFO and requesting the transfer of funds outside the organisation to an account in another country.
Often the cyber-criminal will pretend to be a recruiter or someone else in the same or similar industry, which can be enough to trick victims into accepting the connection request, explained Intel Security EMEA CTO, Raj Samani.
“Social networking sites are a treasure trove of data used by malicious actors in order to research potential targets for attacks, not only requesting to connect with senior executives but as many junior or mid-level employees at a company as possible,” he added.
“They then target senior level execs, using their existing connections with colleagues as proof of credibility by leveraging the principle of social validation. Once these connections are in place they can launch a targeted phishing campaign.”
Samani urged organisations to include LinkedIn security and privacy tips in employee awareness and training programs in a bid to counter the threat.
Performance visualisation platform has announced discounts for UK charities on yearly subscriptions
Funding is available to organisations keen to do more of the good work they do, whether it’s buying equipment, hiring new talent, or progressing with business development plans
Médecins Sans Frontières (MSF) has rolled out a new UK website with the aid of the Torchbox agency
Figures prompt calls for charities to ensure they use all methods possible to protect online transactions and customer data