Articles tagged "LinkedIn"

Found 9 articles

Recent allegations suggest that Microsoft is engaging in corporate espionage through its LinkedIn browser extension, raising concerns about user privacy. However, security researchers are analyzing these claims and have found mixed results regarding the extent of data collection by the extension. While some users are worried about their information being tracked or misused, the research indicates that the data collection practices may not be as invasive as initially claimed. This debate over LinkedIn's data handling practices is crucial as it could impact user trust and privacy standards across similar platforms. Understanding the reality behind these accusations is important for users who rely on LinkedIn for networking and job opportunities.

Impact: LinkedIn browser extension
Remediation: Users should review their privacy settings on LinkedIn and consider limiting permissions for the browser extension.
BrowserGate: LinkedIn Tracks 6,000+ Browser Extensions on Users’ PCs

Hackread – Cybersecurity News, Data Breaches, AI and More

LinkedIn is facing scrutiny after a report revealed that it tracks over 6,000 browser extensions installed on users' devices. This practice raises serious privacy concerns, as many users may not be aware that their browsing habits could be monitored through these extensions. The BrowserGate report emphasizes that such extensive tracking can lead to potential misuse of personal data. Users of LinkedIn, especially those who rely on various browser extensions for productivity, should be aware of this issue and consider the implications for their privacy. The situation calls for a closer examination of data collection practices by major platforms and how they handle user consent.

Impact: LinkedIn users, browser extensions
Remediation: Users should review and manage their browser extensions, limit permissions, and consider using privacy-focused browsers or tools that block tracking.

Cybercriminals are sending out fake LinkedIn alert messages that claim to offer job opportunities, but their real goal is to steal user credentials. This phishing campaign tricks recipients into providing sensitive information, putting their accounts at risk. The fraudulent messages imitate legitimate notifications from LinkedIn, making them difficult to detect. Users who fall for this scam could find their personal data compromised, leading to potential identity theft or unauthorized access to their accounts. It's essential for LinkedIn users to be cautious and verify messages before clicking on any links or providing information.

Impact: LinkedIn accounts
Remediation: Users should verify the authenticity of job alerts directly through LinkedIn's official site and avoid clicking on suspicious links. It is also advisable to enable two-factor authentication for added security.

Phishing scammers have been impersonating recruiters from Palo Alto Networks to trick job seekers since August. These fraudsters have used psychological tactics and personal information gleaned from LinkedIn profiles to create convincing fake job offers. Victims are often led to believe they are in the running for legitimate positions, only to be scammed out of money or personal information. This ongoing scheme not only targets job seekers but also potentially damages the reputation of the real company. It's crucial for job candidates to verify the authenticity of job offers and be cautious when sharing personal details online.

Impact: Palo Alto Networks job seekers
Remediation: Job candidates should verify the legitimacy of recruiters and job offers, especially those received via LinkedIn. Use official company channels to confirm job postings.
Fake LinkedIn Interview Used by Lazarus Hackers to Target AllSecure CEO

Hackread – Cybersecurity News, Data Breaches, AI and More

Actively Exploited

Researchers at AllSecure have uncovered a sophisticated phishing attempt by North Korean hackers from the Lazarus Group, targeting their CEO using a fake LinkedIn job interview. The attackers employed deepfake technology to create a convincing impersonation, aiming to extract sensitive information. This incident showcases the evolving tactics used by cybercriminals, particularly in social engineering, and highlights the risks that executives face in the digital age. With the rise of deepfake technology, companies need to be vigilant about potential impersonation scams that could compromise their security. This attack not only affects the targeted individual but also raises concerns for the entire organization and its stakeholders.

Impact: LinkedIn, AllSecure
Remediation: Companies should implement strict verification processes for job interviews and communications, particularly through social media platforms. Training employees on recognizing deepfake technology and potential phishing attempts is also advisable.

Researchers from ReliaQuest have identified a phishing campaign targeting high-profile business executives through LinkedIn messages. The attackers are using an open-source penetration testing tool to craft convincing messages that trick individuals into revealing sensitive information. This campaign is particularly concerning because it targets 'high-value individuals,' making it more likely to succeed against those with access to critical company data. Companies need to educate their employees about recognizing phishing attempts and to implement stronger security measures to protect against these types of attacks. With the rise of social engineering tactics like this, vigilance is essential for safeguarding sensitive business information.

Impact: LinkedIn, Business Executives
Remediation: Companies should train employees to recognize phishing attempts and consider implementing two-factor authentication for LinkedIn accounts.

Scammers are targeting LinkedIn users with a new phishing tactic that involves fake comments appearing as replies to legitimate posts. These comments, which resemble official LinkedIn notifications, falsely warn users about policy violations and encourage them to click on malicious external links. Some attackers are even using LinkedIn's own lnkd.in URL shortener, making it more difficult for users to recognize these attempts as scams. This tactic is particularly concerning as it exploits the trust users have in the platform, potentially compromising personal and professional information. LinkedIn users should be cautious and verify the authenticity of comments before clicking on any links.

Impact: LinkedIn users, especially professionals using the platform for networking and job searching.
Remediation: Users should verify the authenticity of comments and links before clicking, report suspicious activity to LinkedIn, and consider adjusting privacy settings to limit exposure.

A significant security oversight was uncovered when researchers found an unsecured 16TB MongoDB database that exposed approximately 4.3 billion professional records. This database primarily contained LinkedIn-style data, which could be exploited for large-scale AI-driven social engineering attacks. The discovery was made by Bob Diachenko and nexos.ai on November 23, 2025, and the database was secured only after the researchers alerted its owner. This incident underscores the risks associated with unsecured databases, as the exposed data could facilitate identity theft and phishing schemes targeting professionals. Organizations need to ensure better security measures for their data to prevent such breaches in the future.

Impact: Unsecured MongoDB database, professional records, LinkedIn-style data
Remediation: Database secured after researcher notification; organizations should implement strict access controls and regular security audits.