These days, it’s hard to go a day without reading news about Facebook and/or Twitter, most revolving around online security, privacy concerns, or the latest cyberattack. One site that seems to fly under the radar is LinkedIn, the social networking site for professionals looking to network or job-seek. Yet with the plethora of information available on the site—personal details like address and birthday, as well as professional information about past jobs, often described in great detail—why don’t we hear more about the dangers of identity theft or the spread of malware for LinkedIn users?
Indeed, a recent report by Sophos includes a pie chart documenting the response to the question of which social networks pose the biggest risk to security. LinkedIn garnered a mere 4% of the vote, vastly trailing Facebook’s 61%. It’s not all good news, though, because a sophisticated criminal could use LinkedIn for a more specific purpose. Sophos’ Senior Technology Consultant Graham Cluley explains:
“Targeted attacks against companies are in the news at the moment, and the more information a criminal can get about your organization’s structure, the easier for them to send a poisoned attachment to precisely the person whose computer they want to break into. Sites like LinkedIn provide hackers with what is effectively a corporate directory, listing your staff’s names and positions. This makes it child’s play to reverse-engineer the email addresses of potential victims.”
The report mentions that 72% of the 500 companies surveyed worry about the impact of social networking on their businesses as far as revealing confidential information. LinkedIn is a virtual treasure trove of data with a much narrower focus than Facebook. How can, and should, companies maintain visible presences online without exposing their employees to the many associated risks, and vice versa?
Sophos, Malware and spam rise 70% on social networks, security report reveals, http://www.sophos.com/pressoffice/news/articles/2010/02/security-report-2010.html