LinkedIn has transformed the way we connect, collaborate, and build our professional identities. Platforms like LinkedIn have become essential for building professional relationships, generating leads, showcasing experience, networking at scale and finding the best candidates. But while it is great to be accessible and connected, there’s a growing security threat hiding in plain sight—your publicly visible email address.
Unlike hacking or malware attacks that are sometimes elaborate, this threat is deceptively simple—and surprisingly effective.
The default security settings for LinkedIn display your personal email address to your contacts. This means that if the LinkedIn account of one of your contacts is compromised, a cybercriminal will then have access to your email address. Most people use a personal email address with LinkedIn as opposed to a business one because people move jobs and don’t want to be locked out of their account. Criminals make use of your email address to send emails that look like they are from your employer (which they discover from your LinkedIn profile) e.g. from the HR department regarding payroll or pension arrangements. They aim to convince you to divulge information such as bank account or pension plan details. These messages are crafted to appear legitimate and may even redirect you to what looks like a genuine Microsoft login page. However, their aim to capture personal information e.g. by asking you to complete a form or your login credentials. Once they have this, they will attempt to extract money from you, your employer or your pension fund.
1) To change the default LinkedIn email address setting, go to linkedin.com and sign it to your account. Click on ‘Me‘. You will find this at the top of the homepage (your profile photo in the top-right corner).
2) From the dropdown, select “Settings and Privacy”
3) In the left-hand sidebar, click “Visibility“
4) Under the visibility of your profile and network section, click on “Who can see or download your email address” and choose “Only visible to me“. The setting will be automatically saved.
Your email address is now visible only to you. If your contacts wish to contact you and don’t have your email address, they can use the built-in messaging function within LinkedIn. This is safer than having your email address accessible to all your contacts.
