[News] Attackers demand ransoms for stolen LinkedIn accounts

Summary

• LinkedIn users are being targeted by a campaign that steals their accounts and then demands a ransom to avoid having the accounts deleted.
• The attackers may be using a variety of methods to gain access to accounts, including brute force attacks and credential stuffing.
• Victims are usually made aware of the attack when they receive a notification that the email address associated with their account has been changed.
• In some cases, the attackers have also added fake accounts to the victim's connections.
• LinkedIn support has not been helpful in recovering the breached accounts, with users reporting long wait times and unhelpful responses.
• The best way to protect yourself from this attack is to set up two-step verification (2FA).

More Details

• 2FA adds an extra layer of security to your account by requiring you to enter a code from your phone in addition to your password when you sign in.

At least 2 Ways to set up 2FA on LinkedIn

1. Authenticator app 2FA: This method uses an app on your phone to generate a code. Authenticator app 2FA is considered to be more secure than SMS 2FA.
2. SMS 2FA: This method sends a code to your phone via SMS.