How to Protect Your LinkedIn Account From Being Hacked!

My LinkedIn profile was Hacked – You wouldn’t believe what happened

Two days ago I experienced something I didn’t think I would ever experience, identity theft and a hack of my LinkedIn profile. I want to share with you the journey that I went through to reclaim my identity and to get the hacker out of my system. This can happen to anyone, so I think it’s important that I share with you the steps that I took.

How it all happened

I was winding down for the night when I received an email from LinkedIn telling me that an additional e-mail address had been added to my LinkedIn account. Confused by the email, I tried to log in to my account but discovered that I lost all access to my LinkedIn profile. It only took a few seconds, the hacker had edited my profile – removing my work email and my mobile phone. I lodged a support ticket with LinkedIn (found on their help page here My account has been hacked). It then took me six hours of back and forth communication with the US LinkedIn security team to prove to them who I was, to re-gain access to my account. Once that was resolved and LinkedIn recognise my personal details, I was able to get back into my profile and I immediately changed my password and added extra security to my account.

I sighed with relief, thinking it was over and went to asses the damage done…

How to Protect Your LinkedIn Account From Being Hacked!

I am a believer when it comes to using LinkedIn for your business. It holds so much potential for your career and business. However, it is really easy to lose your Linkedin account if you get hacked.

Why would someone want to hack your account you may ask? Well, there are lots of hideously sinister reasons why, but it is to get access to your personal data. Personal data and financial data have value on the black market.

Whatever the reason, getting hacked can be incredibly damaging to your LinkedIn world. Not only is it damaging because you will lose access (sometimes permanently), but it can cause reputational damage. Especially if your connections end up receiving a virus, having their data misused or getting their account hacked.

So how can you protect yourself against being hacked?

1 ) Turn on Two-step Verification

Link your phone to your LinkedIn account and turn on two-step verification. When you login from a new device or unfamiliar location, LinkedIn will protect you by sending an SMS to your phone with a verification code. This will limit the use of the account and a hacker’s ability to change or access your account from unfamiliar locations. You can turn on Two-Step verification within Linkedin security settings.

2) Don’t Fall For That PDF Project Proposal

An easy way hackers can get access to your account is by using session cookies. These cookies allow hackers to access your account using your current Linkedin session. How do they do this you ask? That unexpected Google Drive doc, Dropbox link or PDF, which is sent to you from a connection.

You’ll get a message like:

“Hi Dean, I would love you to take a look at this project proposal and give me some costs.”

Don’t open it. 

This PDF will allow hackers to get access to your session cookies and away they go. If you do open it, you’ll lose your access and find that your LinkedIn account will start messaging people ‘confidential project proposals’ too.

This form of hack preys on your eagerness for new business. As I am really active on LinkedIn, I’ll get a message like this once or twice a day from a connection who has been hacked.

3) Silly Passwords

You guessed it, so many people still use password ‘123’ or ‘123456789’. A hacker can connect with you, get your email address from your profile and test some of the common passwords against your profile. Ensure that your password is complicated. You don’t want something which can be easily guessed.

If you do get hacked, you can get help from LinkedIn, but you need to act swiftly. You can complete the form here to raise the issue with LinkedIn.

Due to irregular activities your Linkedln account has been subjected to compulsory security update. Linkedln may sometimes deny logins in cases where we believe the account could have been compromised.

To do this we developed a new secure way that keeps your account safe. we have attached a form to this email to complete the process. Please, download and follow the instructions on your screen.

Linkedln Support

4) Turn Off Share Profile Edits

This privacy setting has less to do with your personal security and more to do with how your contacts view you and your activity. Since you don’t necessarily want to alert your network of every minor change you make to your profile, I recommend that you turn off profile edits (previously called activity broadcasts).

To do so, click Choose Whether or Not to Share Your Profile Edits. In the window that appears, uncheck the box and click Save Changes.

5) Decide Who Sees Your Activity Feed

Your LinkedIn activity feed used to be your updates. Now it only refers to actions taken, such as following influencers, joining groups and so on.

Your activity feed is visible to your network by default. As with profile edits, you probably don’t want your minor activities to clutter your connections’ feeds, so you can make your activity feed private.

To change the setting to be more private, click Select Who Can See Your Activity Feed. In the window that appears, choose the Only You option and click Save Changes.

6) Select What Others See on Your Profile

In most cases, you want people to know when you’ve viewed their LinkedIn profile. It helps keep you top of mind and increases the know-like-trust factor. However, there may be times when you want to make your profile anonymous.

For instance, if you’re doing research on LinkedIn, and you don’t want people to see you, make yourself completely private. Use this tactic when you check out competitors or view potential employers, employees or partners.

To change this setting, click Select What Others See When You’ve Viewed Their Profile. Then decide if you want to show your name and headline, display only semi–private profile characteristics or be completely private.