LinkedIn has seen a notable increase in account security breaches. Users have reported difficulties accessing their accounts, and in certain instances, they've encountered demands for payment to regain access or risk permanent account deletion.
LinkedIn has become a prime target for hackers who are actively seizing control of user accounts. In certain instances, these cybercriminals are exploiting the situation by demanding a small ransom in exchange for account restoration, while also issuing threats of permanent deletion.
Although LinkedIn, a subsidiary of Microsoft, has not issued any public statements regarding this ongoing campaign, its impact has been felt globally in recent weeks. Conversations on social media and search engine queries show a noticeable and significant increase in account breaches on the professional networking platform over the past 90 days.
Researchers noted that the extended response times from LinkedIn support indicate an elevated volume of user support requests, hinting at a potentially alarming situation. Search queries such as 'LinkedIn account hacked' or 'LinkedIn account recovery' have experienced a substantial upward trend and the term 'breakout' in place of percentage indicates that the search term grew by over 5,000%.
Attack Circumstances
Despite Their current lack of response to the issue, LinkedIn seems to be aware of suspicious account-related activities, which has frustrated some users. As of today, LinkedIn has not provided a comment in response to requests.
In reports of account breaches shared online, there are two distinct situations that have come to light, each with different outcomes for affected users. In the first scenario, LinkedIn takes preemptive action by temporarily locking a user's account when it detects suspicious activity or hacking attempts. Subsequently, the user is notified of this action and asked to verify their account and update their password in order to regain access. "In this case, the threat actors may have attempted to breach accounts with two-factor authentication or utilized brute-force methods to crack passwords, prompting LinkedIn to block these illicit efforts,"
The second scenario is more unfortunate, as it entails the complete compromise of victims' LinkedIn accounts, rendering them incapable of independently recovering their accounts. In this scenario, attackers gain unauthorized access to the account and change the associated email address to another one. Subsequently, the attackers proceed to alter the account's password, and due to the change in the account's email address, users are unable to recover their login details using the previous email address associated with the account, as is typically the case.
"Some victims have reported receiving ransom messages (typically demanding a nominal sum of money) to regain access, while others have experienced the outright deletion of their accounts,"
The History of LinkedIn Targeting
LinkedIn has been a frequent target for cybercriminals, with instances dating back to last year when it was identified as the most commonly exploited brand in phishing attempts. This prominence can be attributed to its widespread use within the corporate world, making it an appealing target.
Although the motivation behind the recent account takeover campaign remains uncertain, there are various malicious activities that threat actors can carry out using compromised profiles. For instance, attackers can exploit a person's LinkedIn profile to orchestrate phishing campaigns by masquerading as a trusted colleague or supervisor. Furthermore, they can access valuable information by perusing conversations between business associates or tarnish a victim's reputation by utilizing their accounts to disseminate malicious content or send harmful and intimidating messages to professional connections.
Secure Your LinkedIn
Given the potential scale and severity of these security breaches, It is strongly suggested that users promptly log into their accounts and verify their access. Additionally, users should meticulously review all contact information associated with their accounts to ensure its accuracy. If users find themselves locked out and unable to recover their accounts via email, it is imperative that they contact LinkedIn immediately.
LinkedIn users should also diligently inspect their email inboxes for any messages sent by LinkedIn that indicate the addition of an extra email address to their accounts, as this may be indicative of a hacking attempt. If you did not initiate this action and discover such an email, treat it as a significant warning sign users should take appropriate action.
Enhancing password security and implementing two-step verification, a feature offered by LinkedIn and other platforms to enhance account security, can further fortify one's profile against potential compromise.
RCS has been proficiently overseeing the IT requirements of businesses since its establishment in 1999. For those seeking a reliable IT partner to support their business contact us at info@rcsprofessional.com or explore further details on our website: https://www.rcsprofessional.com/contact-us.