LinkedIn Scraping Attack

LinkedIn is in the spotlight of IT security news again. A hacker claims to have 500 million LinkedIn profiles for sale. The criminal posted four files that contain LinkedIn member IDs, full names, email addresses, phone numbers, genders, job titles, workplace information, and potentially other identifying data.

LinkedIn reviewed the data, confirmed it was real, and released a statement claiming the data was scraped from public profiles and did not come from a breach.

“This was not a LinkedIn data breach, and no private member account data from LinkedIn was included in what we’ve been able to review.”

For a year now, criminals have focused on LinkedIn to acquire information on employees and target them in attacks. LinkedIn is now among the top three companies impersonated in phishing attacks; a year ago it wasn’t even in the top 25. Earlier in the pandemic we wrote a blog post about criminals using LinkedIn to attack newly hired employees by impersonating the company's IT support.

The scraped data are forms of personally identifiable information (PII), which can be used along with other public information to give the criminal a more complete picture of the person they are attacking. Even though the information is public, a criminal could use the list to construct a more credible phishing attack. A searchable, sortable, aggregated list of 500 million users could be very useful to a hacker. They could sort the data by business or area code and create more targeted attacks, use the data to pose as LinkedIn, or combine the data with other PII to target individual users in a spear phishing campaign.

Data scraping is on the rise because we share so much information publicly. LinkedIn has risen in popularity as a business to impersonate because so many people are looking for new jobs during the pandemic.

With the announcement of this data scraping attack, users should be on the lookout for phishing emails referencing LinkedIn, or the information the user has on LinkedIn. It’s always a good idea to understand what information you have publicly available, so if an email or text message doesn’t feel right, you can better understand the information the hacker may be working from.

In a couple of recent podcasts, Jack talks about oversharing PII and data aggregation. Find those podcasts here and here.


Posted by Charles Wright