It should come as no surprise that phishing scammers have added LinkedIn bait to their buckets in the hopes of catching your password and maybe your entire online identity.
In the wake of LinkedIn's massive password problem, the site's users are now being hit with hordes of spam emails and phony invitations to "link in" with new connections, The Register reported. Some of these emails ask users to click on a link to reset their passwords or to confirm their email address. Many of them are flagged by the recipients' email provider as potentially harmful.
The phony emails come just two days after a hacker posted the LinkedIn passwords of more than 6.4 million users, the result of a breach that also leaked approximately 1.5 million passwords from members of the dating site eHarmony.
[LinkedIn, eHarmony Don't Take Your Security Seriously]
The presence of a link in a password-reset email claiming to be from LinkedIn is a dead giveaway that it's a scam.
According to Help Net Security, LinkedIn has issued a list of steps the company is taking to try to prevent the hijacking of accounts from the password leak. The instructions warn users that their password, if it was compromised, will no longer be valid, and that they will receive an email from LinkedIn on how to reset it.
"There will not be any links in this email," the warning says. Affected LinkedIn members will then receive a second email, from the company's customer-support team.
So if you receive an unsolicited email with any links in it from LinkedIn — or even from eHarmony or Last.fm, which yesterday (June 7) warned its members of a password breach — know that it's an attempt to steal your password, and ignore it. To keep yourself safe, it's important to choose a complex, strong password for each online account you access.