For many people, LinkedIn is an essential work tool, used for networking, job applications, learning and more. And the more you rely on it, the more devastating the effects of a hacked LinkedIn account may be. You may face embarrassing situations with contacts, or be financially scammed. Unfortunately, LinkedIn hacks are far from uncommon, with criminals keen to access the vast amount of data that this may reveal. We look at the warning signs that your LinkedIn account may have been hacked, the steps you should take to recover your account, and the best ways to keep your account safe in future.
How To Know If Your LinkedIn Has Been Compromised
LinkedIn’s security has improved considerably since a 2012 breach in which 6.5 million user passwords were compromised. However, accounts do still get hacked, generally thanks to errors or oversights from the user.
As with most hacks, LinkedIn hacks generally come about through a phishing attempt, with the victim tricked into clicking on a fraudulent link. Other routes include exploiting weak passwords, outdated software or excessive permissions to third-party apps connected to your LinkedIn account. There are a number of signs that your LinkedIn account may have been compromised, including suspicious activity on your profile, difficulty logging in, complaints from contacts about strange or spammy messages coming from your account or warnings of unusual activity on your account from LinkedIn itself.
Sign 1: A Message From LinkedIn
The most obvious sign that your LinkedIn account has been hacked is a warning message from LinkedIn itself.
You may receive an email from the firm telling you about a change to your password or the email address associated with your account, a login from an unknown device or location or other unusual activity on your account. If these are changes that you didn’t make yourself, it’s fair to assume that your account has indeed been hacked.
Sign 2: Profile Changes
For many LinkedIn users, the first sign that they’ve been hacked is changes being made to their profile.
If you start spotting changes in your profile, such as your name, photo, summary, skills or job history, it’s pretty clear that it’s the actions of hackers. Particularly common is the sudden appearance of new endorsements and recommendations – signs that the hackers are trying to draw others in.
Sign 3: Unauthorized Activity
Similarly, new posts, comments, messages, or invites that you did not make are a sign that somebody else is actively using your account.
This can mean anything from strange posts or messages — possibly encouraging your contacts to click on spammy links — to connection requests sent or accepted without your knowledge.
Sign 4: A Heads-up From Contacts
If you’re not a particularly active user of LinkedIn, it’s possible that you might not immediately notice changes to your account, or posts that you didn’t make.
However, your contacts may notice, and tip you off. If you get a message from another user about spam, phishing or inappropriate content coming from you, you should take it seriously and take action immediately.
Sign 5: Problems Logging In
A common warning sign that your LinkedIn account has been compromised is having difficulty logging into your account.
If you’re having trouble signing into your account, or discover that you’ve been temporarily locked out, there’s a strong chance that your LinkedIn account is being accessed by a criminal who has changed your login details.
What Should You Do If Your LinkedIn Is Hacked?
If you’ve been experiencing any of the issues above, you’ll need to take action to regain control of your account and deal with any problems that have been caused. The first step is to report the issue to LinkedIn here.
Next, you’ll need to change your password to make sure that the hackers no longer have access to your account, and review your active sessions to see where you’re signed into LinkedIn right now. You should review all the email addresses and phone numbers associated with your LinkedIn account to make sure they’re up to date and that you’ll be able to receive password reset messages from LinkedIn. You should also check the personal email account linked to your account to make sure it’s still secure. Look out for, and delete, any rogue messages or posts on your account, and do the same for your other social media accounts. Finally, let all your contacts know what’s happened.
Step 1: Change Your Password
If you can still access your account, your first move should be to change your password to something strong — with upper- and lower-case letters, numbers and symbols.
Make sure your new password is difficult to guess — don’t base it on your date of birth, child’s name or anything similar — and don’t reuse a password from anywhere else. You can change your password here.
Step 2: Review Your Active Sessions
It’s possible that the hackers may be logged in right now, and if so you’ll need to get rid of them.
Click the Me icon at the top of your LinkedIn homepage, select Settings & Privacy, and then under the Sign in & security section click the arrow next to Where you’re signed in. You’ll see a list of your active sessions, and can sign out to any or all.
Step 3: Review Email Addresses
You’ll need to make sure that all the email addresses and phone numbers associated with your LinkedIn account are up to date.
You should also check your personal email account, along with any other accounts that are linked to your LinkedIn company profile, such as Facebook, Twitter, Google, or Microsoft, to make sure they’re still secure. It’s a good idea to change passwords here, too.
Step 4: Clean Up Your Timeline And Check Other Social Media
Look out for, and delete, any rogue messages or posts on your account. You should also check any other social media accounts for posts, friend requests, messages or other activity that wasn’t from you.
Step 5: Alert Your Contacts
It’s possible that your contacts have received messages from your account that didn’t come from you — and they’ll almost certainly consist of spam or phishing attempts. It’s a good idea to message everyone on your contacts list to explain what’s happened and warn them to ignore any suspect messages.
How Can You Recover Your LinkedIn Account?
Even if you’ve been locked out of your account, it’s still possible to recover it — you shouldn’t need to give up and create a new one. Even if you’re not logged in, you can contact LinkedIn in other ways and ask for help.
There’s a support page here, where you can report the problem, using your name, email address and phone number. It’s a straightforward process, although you’ll have to wait for the company to verify your identity, which can take a few days, before you’ll get back control of the account. If you’ve lost access to the email address or phone number tied to your account, the process is little more complicated, requiring you to verify your identity with official ID.
How Can You Protect Your LinkedIn Account From Hackers?
If you’ve experienced a LinkedIn hack and all the hassle it entails, you’ll want to make sure that it never happens again. Fortunately, there are steps you can take to help keep your account secure in future.
The first, and most obvious, is to keep using a strong, unguessable password; you should also turn on two-factor authentication; while having to use an authorization code may take a few moments longer, it makes your account significantly more secure. You could also look at turning on LinkedIn’s secure browsing mode, which you can access by clicking your image in the top right-hand corner of the screen and choosing Settings and Privacy. Finally, be cautious about opening attachments, messages, or links, and keep your personal data private. You may wish to change your privacy and visibility settings and update your permissions.
Bottom Line
With LinkedIn such a useful business tool, having your account hacked can represent a major problem. Fortunately, though, it’s usually relatively straightforward to regain control and take steps to prevent the same thing happening again.
