Your LinkedIn Account Has Been Hacked – Here’s What to Do Ep 100

Show Notes

🎉🥂Pop the champagne and throw the confetti—it's the 100th episode of Enthusiastically Self-Employed!

In this episode, I'll address an increasing trend: LinkedIn accounts being hacked.

My friend, Brenda Cadman reached out to me recently after her account had been hacked -- even despite her attempts to prevent it from occurring. 

• She had a strong password
• She had enabled 2FA (Two Factor Authentication)

She discovered this after landing from a flight when travelling, due to a flurry of emails from LinkedIn about an email being added, then a password being changed, and she was already locked out.

In this episode, I'll address the following:

What to do if your LinkedIn account has been hacked.

1. Report it IMMEDIATELY to LinkedIn. This will lock up the account, even for the hacker. Use this link.
2. Ask a friend to look up your account and see if anything has been changed. Get screen captures. Look to see if the email address is visible. 
3. Give LinkedIn 24-48 hours to work their magic. 
4. Ask a heavy user of LinkedIn (I recommend a LinkedIn coach / trainer who has an excellent reputation on LinkedIn), to post about your account being hacked to warn others. Ask them to tag in @linkedin-help on their post. Here's the post. Thanks to Cliff Fernandes for the additional insights! 

Steps to prevent it from occurring again in the future -- or for the first time! 

1. Log out of LinkedIn on the app and desktop BEFORE jumping on public WiFi. Or, open up your VPN (I use Bitdefender) on your laptop or phone before navigating onto public WiFi.
2. Close out of all sessions periodically. Do this from the desktop version of LinkedIn. How.
3. Set up 2FA. How.
4. Use a strong password.
5. Sharing your account with anyone (not recommended)? Periodically change your password. 

WARNING:

• LinkedIn is a target for hackers due to its credibility for professional networking. 
• The higher up you move in an organization or the more visible you become, the more of a target.
• People usually do this for bragging rights.
  
  

BONUSES:

• Luckily, Brenda Cadman was aware of me and reached out to me via email after reporting it to LinkedIn. 
• If you're a client, I'll give you this same VIP treatment if your account is ever hacked. 😎

LinkedIn "Power Hours" (Single Session, x4, x12)
Each package includes: 

• LinkedIn consulting / coaching, personalized to your needs and focusing on your questions.
• Review of LinkedIn profile / company page to provide guidance / advice / recommendations

https://www.mellermarketing.com/powerhour 

**************************************
My name is Brenda Meller. I'm a LinkedIn coach, consultant, speaker, and author. My company is Meller Marketing and I help business professionals get a bigger slice of the LinkedIn pie.

Visit mellermarketing.com

Let's connect on LinkedIn: linkedin.com/in/brendameller
(click MORE to invite me to connect and mention you listened to my podcast)

Chapters

• 0:00: LinkedIn Account Hacking Prevention Tips
• 12:01: LinkedIn Security Best Practices
• 17:06: LinkedIn Account Hacking Recovery Guide

Transcript

Speaker 1: 0:49

Well, I have to tell you this I am super proud because you know what episode this is. This is episode 100 of Enthusiastically Self-Employed. I'm super excited to make it to this milestone and I know I don't know what the stats are on people who've actually done a podcast first of all and who've made it to 100 episodes, but hey, I've made it here and I'm one to celebrate. So hopefully you are also excited about this achievement for me, and if you have never messaged me or emailed me before, please take a moment, celebrate with me, send me a message and say congratulations on 100 podcasts. You can email me at brenda, at mellormarketingcom, or message me on LinkedIn. If you're on Instagram, look it up at Mellor Marketing, but I'd love to hear your notes of congratulations. All right? So today's episode is going to be about what do you do if your LinkedIn account has been hacked, and I have to say that, unfortunately, this is growing in occurrence lately. I've noticed a trend, unfortunately, that more and more people are starting to have their accounts hacked, and this episode was inspired by something that actually happened to me over the weekend, and we're right near in the United States. We're in Memorial Day holiday today and we're in the weekend, but a friend reached out to me through email letting me know that her account was hacked and she was freaking out, and she said what do I do? And this is somebody that I know fairly well. Her name's Brenda Cadman. She is my go-to expert on all things Canva and, without a doubt, I would help her. You know, drop what I'm doing if possible, and help her to get back into the account. So what I want to walk you through today are what are the steps that you need to do. If you have had your LinkedIn account hacked, I'm also going to talk about some steps to prevent it from happening again in the future, or for the first time. For those of you who've never had this happen to you before, these are things that can reduce the likelihood that a hack does occur, and some of these tips I've just learned myself, having worked with my friend, Brenda Cabin over the weekend on her issue, and there are new things that I'm going to start to implement as well.

Speaker 1: 2:56

All right, so let's talk about this. So your account has been hacked. What do you need to do? The first thing is notify LinkedIn and, if, on any of your devices or applications, if you have access to do from inside LinkedIn, do so. If not, there is a link that you can use to submit a ticket to the LinkedIn help desk even without being logged into the LinkedIn site or app. I'm going to provide that link below in show notes so you can click to access on that.

Speaker 1: 3:24

And what I would do if I were you and I recommended Brenda Kedman when I walked her through this process I recommended she do it at the same time is provide your identity verification. Let them know what happened when you first noticed that your account was hacked. If you got some email notifications and then you realized you were locked out of your account, just let them know what happened when it happened and then upload some proof of your identity. Now I typically recommend that you use the same type of document verification that they request if they're going to reach back out to you to request that verification. Typically it's things like a state-issued form of identification, Typically a driver's license, for example. You can also use a passport, but they're going to want to know that it's you who's actually requesting that information. So I would recommend, if you're using that external link to submit a ticket to LinkedIn help, to let them know that your account has been hacked. I would say also attached as a copy of the front and back of my driver's license or my passport for verification. But just provide that, because then you're going to just shorten the steps because at some point they're going to reach back out to you. Do make sure that the email that you put on the request form is the same email that you use to access your LinkedIn account. Okay, Because this will help to provide the verification when they email you back.

Speaker 1: 4:41

Now my understanding is, when you do this and the request is coming through from you with your identity verification documents in place at the email that you've used prior to someone changing out the email, this will lock up the account. So whoever has gotten into the account, whoever's hacked it, they're not going to be able to do anything anymore. And I'm not sure what happens on their side. I'm guessing they're probably going to get an email asking for identity verification documents and they're not going to be able to do anything because they are not you. So that stops them from doing any further damage to your account.

Speaker 1: 5:13

Now, after you've done that, I would also ask a friend to look up your account for you on LinkedIn to look up. You know somebody who's connected with you. Ask them to look up your account and see if anything has been changed on your account. Now a good friend will also be able to get you some screen captures see if your email address is visible in the contact info and, if so, grab a screen capture of that so kind of document, what you're seeing on there. Ask them also to send you a message, but don't say hey, I hear your account was hacked and I did this for my friend, Brenda Cadman. I messaged her and I said hey, hope you're doing well, having a great Saturday. Wanted to see if we're still on for that call today. Can you give me your cell phone number? And I didn't allude to anything that I knew that her account had been hacked and I was waiting to see if the person who got in her account would reply. And they didn't. So I really don't think this is a real person. I'll talk more about that later, but do ask a friend to look up your account, grab some screen captures if they're noticing any funny activity etc. Cetera, to make sure to document that and just get that kind of set off to the side Now, after you've notified LinkedIn that your account has been hacked, you've submitted your identity verification, you should get an email back pretty instantly just saying we've received your submission.

Speaker 1: 6:26

That is an automated email and a human being hasn't looked at it yet, but you will get that back pretty much instantaneously. Being hasn't looked at it yet, but you will get that back pretty much instantaneously. And then within 24 to 48 hours you should get back into your account again. You do need to give it some time to let LinkedIn work their magic. I don't know what their process is Maybe a little bit longer if it is on the weekend or over a holiday but give them some time to work through that Now.

Speaker 1: 6:49

At the same time, if your LinkedIn account has been hacked, one additional thing I would do if you know someone who's a heavy user of LinkedIn, who has a good reputation within the LinkedIn community, even better. Yet if they are a LinkedIn trainer, coach or a LinkedIn employee, etc. Actually, it'd be hard-pressed to find a LinkedIn employee to do this. Trainer or coach somebody who's very active on social media, ask if they would feel comfortable to post about your account being hacked and ask them in the post or in the comments to tag in at LinkedIn-help. That will flag it to LinkedIn help to be on the lookout for the issue, and it also brings visibility to others on the platform that your account has been hacked right. And I did this and I'll include the link below for the post that I did about Brenda Cabin. I actually grabbed a screen capture of the top portion of her account, I explained the situation, I tagged in LinkedIn help and I actually got some folks commenting on this and adding in some additional information and some insights.

Speaker 1: 7:49

And I want to give a shout out to one individual in particular. His name is Cliff Fernandez and he works in an IT role and I don't know Cliff very well. I have to admit I don't know him really well. He's actually located in the UK, but when I posted about my friend, Brenda Cadman being locked out, he started asking some questions and offering some advice on what could have particularly caused this to happen. And in this instance she was traveling and she was on an airplane and when she landed is when she discovered this flurry of emails coming out from LinkedIn that her password had been changed, and here's the two-factor authentication and whatnot and she was really surprised by it and what he alerted us to.

Speaker 1: 8:26

And this is something that was new information for me is, if you do have an open instance of LinkedIn, somebody could potentially get a hold of your LinkedIn cookie for that session and then post as you without even using two-factor authentication. And I kind of have heard about this before, but the way that he articulated it just made me go wow. So what can we do to prevent this? Because folks like me will always tell you set up two-factor authentication, have a strong password, don't share your password with anyone, and I have heard issues of being on public Wi-Fi before, but I really didn't understand the potential of what could happen on here. So this individual cliff kind of gave us the insight as to you know, if you're on public Wi-Fi, even if you are not actively navigating on LinkedIn, somebody could see that you're on LinkedIn and grab your cookie and then they could pose as you. And it sounds like that's what happened, Because when Brenda got back into her account, we looked at her activity log together and there wasn't any instance where it looks like somebody was logging out, logging back in. It looks like they just jumped in and they added in their email address and then they removed the other email addresses. So it looks like something kind of odd was happening there.

Speaker 1: 9:39

So, related to that, I want to give you here are the steps I recommend to prevent this from happening again in the future, or for preventing it from happening for the very first time and this is something that I haven't been doing up until now, but I'm definitely going to start doing and that is making sure that you're logging out on both the mobile app as well as on your laptop before jumping on any public Wi-Fi. And if you need to use public Wi-Fi, that happens I totally get it, but do make sure that you have some type of VPN in place. I use a service called Bitdefender. I'm not an affiliate, I just am a fan of the service. It allows me to set it up on multiple devices and I have a VPN in place and I can use it on my phone, I can use it on my laptop, and that will allow you to navigate on the public Wi-Fi, but you can remain private. Okay, Another thing to do is to close out of all of your open LinkedIn sessions periodically.

Speaker 1: 10:37

I'm going to put a link below that you can follow, which will take you to the page, and it'll show you how many instances and how many sessions of LinkedIn you currently have open, and this could be a bit eye-opening for you. I know there's been times where I've opened this up and there's like 12 sessions open and I'm like, oh my goodness, what happened? And typically what happens is every time you open up your LinkedIn in a new location, it's considered a new session. So you're opening it from your home that's one instance. You go to the library that's another instance. You go to the coffee shop that's a third. You're at a networking event on your phone that's a fourth. So you can see how these can quickly add up unless you are logging out right. And again, here I'm assuming you're not using a VPN in place, so you're using some type of a public Wi-Fi and your sessions are visible. And now it's just a good practice to close out of all sessions periodically. It just is a good session, a good thing to do. Rather, I would recommend doing that from the desktop version of LinkedIn. I'm sure there's probably a way to do it from mobile, but it's a little bit trickier, so I'm going to recommend you do that from the desktop version of LinkedIn. Okay, Another step I would recommend that you do to prevent unauthorized access, hacking into your LinkedIn account is to set up two-factor authentication and, yeah, it does require you to enter a code every time you log in from a new location, but I do like the sense of security that gives you and it does help to minimize the chance that somebody can hack into your account and change it under their email.

Speaker 1: 12:01

Now, in my friend's situation, like I said earlier, she had two-factor authentication set up and she did have a strong password, which is another thing that I recommend, but they still were able to get in because they were using a cookie for an open session. So you can see here why it's really important to close out of all of those sessions periodically. And related to that, again, I just want to reiterate making sure that you are using a strong password on your LinkedIn account. This should not be the same password you're using across all social media, and I get it. It's harder and harder to remember passwords these days. Figure out a system, whether it's writing it in a notebook, in your notes app on your phone or some other place, but you got to get into the habit of having different passwords for all of your sites and periodically changing those passwords as well.

Speaker 1: 12:48

Now the other thing I want to talk to you is there may be some of you who are sharing your LinkedIn account, your login information, with someone. It might be a virtual assistant, it might be an agency, etc. And I get it. People do that. Now, technically this is a violation of LinkedIn's terms of service, but my understanding is LinkedIn tends to look the other way, especially for executives. They know they just don't have the time to do so, but my advice for you is, if you are sharing your account login information with anyone, you should periodically change your password, because the likelihood is low, but there is a possibility. They could be logging in as you, forgetting to log out, and they go traveling someplace and they're in public Wi-Fi and then somebody hacks into your account and it's their fault, inadvertently, right. So it's just a good practice to do.

Speaker 1: 13:36

Now, in my conversation with Brenda Cadman, we were talking about you know her use of social media and LinkedIn's one of the sites that she uses fairly frequently, but she's you know she shared this with me and I want to share this with you. She had never thought about LinkedIn as a weak spot for her, and she's had instances with other sites. I'm not sure if it was Instagram or Facebook, but she didn't really worry about LinkedIn. Now I do want you to think about LinkedIn as a particular site where you can have some vulnerability, and the why? Because it's such a highly credible site for professional networking. People don't question that it's you. They think that it's you. Think about that. What if somebody logged into your account and posted something really inappropriate or messaged people that you had professional relationships with, asking them for money or gave them a link that caused a virus on their machine, right? So just think about the potential, for there there's such a high level of credibility.

Speaker 1: 14:31

Related to this, I have to share with you that the higher up you move in an organization or the more visible you become within your business, the more of a target you become, and I don't know why hackers do this, but I'm under the impression that they do it more for bragging rights than they are doing it to justify financial means or other inappropriate actions. It's more just for bragging rights. They do it because they can, right. So it's really unfortunate that there is scum like this in the world that just does these things to us, that causes us stress. But, at any rate, just some things to be aware of Now. Some bonuses for all of you that are listening here today.

Speaker 1: 15:11

My friend, Brenda Cabman, is awesome. She teaches people about Canva. I've given her several shout outs so far as it relates to this issue and she's actually had a few people that have responded to my LinkedIn post that are like, hey, I just signed up for Brenda's Canva freebies and we weren't sharing this publicly to help her to get business. But I don't mind giving people visibility. Now, luckily, she was aware of me as a LinkedIn coach and she reached out to me through email. I do have to share, though she reached out to me through a slightly different email than she typically communicates with me through. So I reached back out to her through that primary email and I copied the other email and I said I want to make sure this is you before I bring out the assistance, and that was really important that you were communicating with people through email or, even better yet, through cell phone or some other means to make sure that it is them.

Speaker 1: 15:57

Now, in this case, I wanted to actually get her on a Zoom, because, unfortunately, I'm hearing about some of these AI and technology tools where you can pose as the person using their voice and even do something with their email makes me a little skeptical. So I said let's get on a Zoom call so I can see you. And she did get on the call and we were both on the weekend, so we're fresh face, ponytails wearing sweatshirts, et cetera. And we had a conversation and I had her do a screen chair and walked her through the steps to do so. So I do want to share with you if you are a client of mine or if we've collaborated on a project maybe you've hosted me on your podcast or I've hosted you on mine, or maybe you're just regularly interacting with me on social media and I know who you are. I have to admit I'm more likely to spend the time to help you to troubleshoot this than with somebody I don't know at all.

Speaker 1: 16:46

And I do periodically get inquiries from people I don't know in a country where I never do business and I've never heard of them before, and they say my LinkedIn account is hacked. Can you help me? And you may be a hacker. I don't know. I have to protect myself and my personal reputation and my professional relationship. So I am very skeptical that you are who you say that you are.

Speaker 1: 17:06

So do keep that in mind and, with that said, my friend, I hope that if your LinkedIn account has been hacked, that you've gained some insights from today's episode that are going to help you on the path to getting back in. You know, chances are you will get back into your account. I've really not heard of any instances where somebody has been hacked and has had to start all over. Typically, it does just take a little bit of time to get back in. So be patient, follow the steps they're giving you and look through the instructions I've given you in today's podcast episode. With that said, do let me know if you found this show helpful, and I look forward to seeing you on the next episode. Have a great day.