A securityphile reader recently submitted a question regarding LinkedIn and I thought I would share it with the rest of the readers:

“I’d created a Linkedin profile a year ago, but now I feel that the information on that site is just *too* much. Do you agree? I’m in the process of deleting every detail that I wrote about myself on that site… and just wanted to know your thoughts on the uses/potential for misuses of that site.”

Our anonymous reader agreed to let me post the question and response so that other readers can benefit from she learned.

My recommendation is to limit the amount of information you place on LinkedIn. By default, LinkedIn makes your profile available to search engines like Google, Bing, Yahoo. You can turn this feature off.

I would only enter the name of your employer and your position, nothing more into LinkedIn. No details about accomplishments, projects etc (you could be breaking confidentiality clauses you might not be aware of either you or your employer are liable for).

The more information you provide, the easier it is someone can build a profile of you. Since it’s the Internet, you have no control who can view your information. It’s easy to create a fake profile on any social networking site, people can use that fake profile to monitor you.

If someone is legitimately interested in contacting you regarding your experience, they can contact you further (make that known on LinkedIn).

 

Potential misuses could lead to identity theft, fraud or plain theft.

Depending on your employer and your position, you could be targeted by hackers (who may be employed by hostile governments etc.) who try to make you install software on your computer at work. If someone can see who you use to work with in the past, they could potentially pose as that person therefore gaining your trust.

It’s all about risk and the likelihood that that situation happens. If you are an administrative assistant to a high level executive in the auto industry or Canadian government, you could be a target. Those industries contain secrets and intellectual property that other countries may find very valuable. If you were the financial controller of a small business, you might be targeted because you have online access to your business’s bank accounts. If you are a receptionist at a high school, its unlikely a hostile government would try to hack you, but maybe one of the students might target you.

Threats to personal safety

If you have run away from an abusive husband and he has hired a private investigator to find you, one of the places he might look is LinkedIn. LinkedIn gives away information about location and name of employer. Your information may be unnecessarily exposed.

If someone was trying to steal your identity, they could call up one of your previous employers and pretend to be a new employer doing a background reference check. Depending on the person that is asked, they may unknowingly give up personal information about you. While you might not share such information, you can’t vouch for what another would do in the situation.