You probably remember the 2012 LinkedIn data breach. It was a big deal because something like 6.5 million user account passwords were posted online, but LinkedIn never confirmed the final number of people that were impacted. Well, it turns out to have been much larger than the estimated 6.5 million username and passwords that were stolen. There are really more than 100 million records. Right now, LinkedIn is sending emails to these users that they need to change their password.
Here is the important part: The bad guys are jumping on this and are sending phishing emails with a fake LinkedIn login page that look a lot like the real email from LinkedIn. If you fall for this scam and log in on their fake page, your credential will be stolen, your LinkedIn account compromised and/or your computer infected with all kinds of malware.
Here’s what you need to do: If you receive an email that seems to come from LinkedIn, hover over the links and make sure they are legit before you click. Even better, do not click on anything and just go to LinkedIn using your browser and change your password. If you have used your LinkedIn password at other sites, it’s time to change those as well!
Go to www.LinkedIn.com, click Help, (bottom right) and choose Changing Your Password. In case you want to get another layer of password protection, LinkedIn also offers dual factor authentication by which you can have a one time numerical code sent to your smartphone each time you need to access your LinkedIn account.
Stay safe and stay secure! Keep your users educated and always think before you click!!