Could LinkedIn Users be the next victims of Spear Phishing?

Most savvy internet users are aware that the term “Phishing” is used to describe an online attempt to steal personal or financial data. However, this type of fraud is sometimes even targeted to specific individuals which is known as “Spear Phishing”. Rather than casting a dragnet by sending millions of messages to unknown users, time and energy are invested into spearing small groups of individuals.

If a Phisher discovered the full name, geographic region, e-mail address and job title of an individual it could make for the perfect phishing attack. Fortunately, most social networking sites that contain this type of information require approval before a stranger is able to view it. Although, this isn’t the case if people decide to work around the safe guards put in place to protect them.

LinkedIn is a very popular professional networking website which has such safe guards in place. Despite this, many people opt to openly publicize their e-mail addresses and other confidential information in the hopes to increase their number of connections. A quick Google Search reveals in the region of 10,000 people with an e-mail address in their title alone. This information could be harvested by spammers so that they would receive more spam. Worse still, it could be used as part of a phishing attack to steal an identity.