When you think about having to secure your social media accounts, LinkedIn might not be the first social network to cross your mind. Since LinkedIn is intended to be a professional networking site, there’s a good chance that you’ve designed your profile to look as polished as possible.
You likely aren’t filling your LinkedIn feed with pictures of your adorable newborn baby or videos of your dog doing its latest trick for you. There’s also a good chance you didn’t spend your formative years uploading embarrassing pictures of you and your friends to it.
So, what exactly is it that you need to keep off of your profile? Well, as it is with most things online, cyber criminals are willing to go just about anywhere to get information from you, and LinkedIn is no exception. (Especially when it comes to phishing schemes!)
Here are 3 ways to secure your profile and protect yourself from potential LinkedIn scams.
1. Update your privacy settings
LinkedIn has many additional privacy features and settings that you might not have even known about. You can access them by:
- Clicking on the “Me” icon at the top of your LinkedIn homepage
- Clicking on “Settings & Privacy” from the dropdown menu
This allows you to customize everything from changing your profile visibility to managing all your account preferences.
Customizing your privacy settings gives you control over who can connect with you, who can send you messages, and what information is visible to others.
A good practice for updating your privacy settings on any social media platform is to limit what others can see until they’re a “friend” or connection of yours. This may seem counterproductive on LinkedIn, especially if you’re job hunting, but limiting what other users see doesn’t mean that you have to make your profile private. It just means you can limit parts of your feed – like your connections or contact information – until you can vet their profile and ensure that they are someone that’s safe to connect with.
2. Use multi-factor authentication
Multi-factor authentication (MFA) is when you use multiple authenticators to verify your identity on a device or an account (for example, using a passcode with facial recognition to get into your phone). Using MFA can significantly reduce the risk of someone gaining access to your accounts and devices by adding an additional layer of security to your complex password or passphrase.
On LinkedIn, multi-factor authentication is referred to as two-step verification. To enable two-step verification, you can:
- Click the “Me” icon at the top of your LinkedIn homepage
- Select “Settings & Privacy” from the dropdown
- Under the “Login and security” section of the “Account” tab, click “Change” next to “Two-step verification”
- Click “Turn on”
- Choose your preferred verification method from the dropdown and click “Continue”
3. Be on the lookout for phishing attacks
Phishing attacks are one of the most common cyber scams, and they also happen on LinkedIn. Phishing messages are designed to look and sound like emails, texts, or phone calls from seemingly real people or companies. They’ll often ask (or intimidate) you into clicking links, submitting your personal information or sending money.
When it comes to LinkedIn, phishing messages usually take place through LinkedIn’s messaging system or through your personal email account.
Some scams through LinkedIn’s messaging system appear to be from “recruiters” sending you links or attachments to find more information about potentially fake job opportunities.
It’s a best practice to not click on any links or download any attachments, especially if the message is from someone that you don’t know. But if you’re worried about missing out on what could be a legitimate job, you should exercise caution and use your discretion.
Ask yourself – does the opportunity seem too good to be true? Are there spelling or grammar errors in the message that you wouldn’t expect the sender to make? Is the recruiter providing you with any information outside of the link? If you are unsure, you can visit the company’s website and contact them through their official channels to confirm if the information is legitimate.
It also doesn’t hurt to take a look at the sender’s profile information – it’s possible that they don’t even work for the company that they messaged you on behalf of.
When it comes to your personal email account, phishing scams through LinkedIn are a little easier to identify. It’s important to note that all LinkedIn messages contain a security footer at the bottom of their emails. If you receive an email that has typos, pixelated images or logos, contains threats (like closing your account) or is missing the security footer, do not open any links or download any files, and delete the message.
LinkedIn is a useful tool to network with others in your industry and a great way to find new professional opportunities. But remember that just because you’re treating LinkedIn professionally doesn’t mean that cyber criminals are. Cyber scams can happen anywhere online to anyone. You can stay one step ahead of online criminals by securing your accounts and recognizing common threats.