Recently, my LinkedIn account was hacked. I received an email stating that an additional email address had been added to my account. I then received a second email stating that there had been some suspicious activity. By the time I read these emails and attempted to log in, some bad actor changed my primary email to their own, wiped out my login credentials and essentially took over my account. I experienced the entire gamut of emotions—fear, anger, self-pity and finally acceptance. LinkedIn is one of my primary marketing vehicles for podcasts and other services. The thought of rebuilding more than 3,000 connections and my profile was not something I was looking forward to.
Fortunately, after 10 very frustrating days, I found a contact in the LinkedIn security department (big shout out to Andrew Chung) who helped me evict the basement-dwelling squatter and restore control of my account. Not only was this a tremendous relief but it set me on a quest to plug the leaks in my online boat. Nothing like a swift kick to the teeth to shift one from reactive to proactive mode. Since this incident, I have researched how to mitigate this type of invasion in the future. Here are some of the challenges and solutions that made the most sense to me.
When was the last time you backed up your critical contact information, emails and work documents?”
I am truly guilty of password negligence. I have used the same passwords for so many of my online accounts without regard for the sensitivity of the product. My financial services, travel and shopping accounts all had the same password. My social media accounts often had the same passwords. In hindsight, this was simply foolish. It was like having the same key for my home, vehicles, office and safe deposit box. As an alternative, my research suggested the use of password management software to generate a very strong set of random characters whenever I open a new account. The program stores this information and uses autofill technology to log you into the account. This is an area where autofill is positive. I will talk about the negative aspects later.
As an additional measure, I encourage you to turn on Multi-Factor Authentication (MFA) whenever possible. MFA is becoming more prevalent in the online world. Essentially, when the service doesn’t recognize where you are entering an account from (either browser or IP address), a verification code is sent to you via text or email. This is a second layer of protection in the event your login and password information has fallen into the wrong hands.
Like many of you, I travel extensively and often find myself taking advantage of free Wi-Fi in hotels, airports and coffee shops. While these opportunities are certainly welcome where mobile service is limited, they do come with potential risks. When we use an unsecured network, even if there is an access password, there is a chance that someone is “listening in” on our digital stream. They could be gathering information and capturing our credentials. Conversely, there are incidents where malicious software is delivered to unsuspecting users who tap into the unsecured Wi-Fi stream.
Using your own mobile hotspot to provide a connection for your devices is one way to get a tight handle on your digital connections. Most smartphones have this feature and date usage limits seem to be plentiful. Another security solution is to use Virtual Private Network (VPN) software to secure your online connection. These services create an encrypted connection so that eavesdroppers can’t follow you around looking for site credentials or secure information. These services are inexpensive and should be part of any traveler’s arsenal.
As one who believes in working smarter, not harder, I tend to take advantage of shortcuts in all aspects of my life. Shopping is no exception. Over the years, I have allowed Google to store and autofill my address information to facilitate a quicker shopping experience. Furthermore, I have also allowed Google to store credit card information to speed up the process. Google Pay and Apple Pay may feel like a wonderful convenience but these services, as secure as they may seem, leave us a bit vulnerable. Just be careful and limit autofill usage to reputable sites and use other security measures, such as fingerprint or facial recognition, to authenticate the process.
Social Media Sharing
I post information on LinkedIn. I use it to share my podcast episodes, comment on posts and generally let my thoughts be known in a limited way. I try to avoid too much personal sharing on LinkedIn as it’s a business platform. On the other hand, I have been dragged into the more personal side of social media using platforms like Meta and Instagram. I am certainly not a super user of these mediums but who doesn’t like a scrolling dopamine hit every once in a while?
There are certainly many cases of personal attacks and manipulations through these platforms, but I want to zone in on one that has always made me a little extra cautious. Travel-related posting can be fun but there are dangers in sharing when you are away from home. In 2011, a study conducted by the University of Florida found that approximately 78% of ex-cons surveyed admitted that social media played a role in their selection of homes to target for burglary and other property crimes. These participants noted that vacation-related posts were key factors in their process.
Furthermore, social media profiles and posts can give important information to con-artists and online scammers. Clever criminals can dupe friends and relatives into giving up sensitive information by posing as close friends who know details about your life, such as where you work, restaurants you frequent, your travel plans and even your personal relationships. My intent is not to scare anyone. I am simply sharing what happened to me and how it has helped change my thinking around the subject of cybersecurity. I am by no means an expert. If you want a greater understanding of how your personal and business assets can be compromised, I encourage you to seek out a professional on the subject. I interviewed an expert a few years ago on my podcast and I would be happy to pass along his information. Before I let you go, I would be remiss if I didn’t urge you to back up your data. As I was reeling with the thought of having to rebuild my LinkedIn network, I was cursing myself for not backing up my connections. When was the last time you backed up your critical contact information, emails and work documents? Be smart, be safe and know that I am always here to help.