With many high-profile data breaches taking center stage in recent weeks, LinkedIn wants to make sure users know all of the ways to keep their personal-account information private.
While a series of automatic checks already protect all LinkedIn accounts, designed to thwart unauthorized sign-in attempts and keep users' data safe, you can take several additional steps to ensure your account is totally protected, including:
1. Update "Privacy Settings" to understand how you're sharing your information: In addition to the built-in security features, there are some additional privacy settings users can turn on or off, depending on what they want to share, display and receive. These setting options include:
- Turn your activity broadcasts on or off: If you don't want your connections to see when you make changes to your profile, follow companies or recommend connections, uncheck this option. [7 Cybersecurity Risks for 2014 ]
- Select what others can see when you've viewed their profile: When you visit other profiles on LinkedIn, those people can then see your name, photo and headline. If you want a higher level of privacy, you can choose to only display anonymous profile information, or show up as an anonymous LinkedIn member, to people whose pages you've visited.
- Select who can see your connections: You can share your connections' names with your other first-degree connections, or you can make your connections list visible only to you.
- Change your profile photo and visibility: You can choose to have your photo displayed only to your first-degree connections, only to your network or to everyone who views your profile.
2. Opt into Two-Step Verification to prevent other people from accessing your account: Two-step verification requires a person to use more than one form of verification to access an account, usually by "knowing something," such as a password, and by "having something," such as a mobile device that the account already knows. Two-step verification is a much stronger form of account protection. It can greatly reduce identity theft and unauthorized access to sensitive information since most accounts become compromised from new or unknown computers or devices. LinkedIn offers members the ability to turn on two-step verification for their accounts. This will require an account password and a numeric code sent to your phone via SMS whenever you attempt to sign in from a device that your LinkedIn account does not recognize.
3. Opt into Secure Browsing (HTTPS) for extra protection against unauthorized access to your Internet activity and to ensure you're connected to the real LinkedIn website: A good indicator of a protected connection on a website is an "https://" connection. While LinkedIn automatically secures a connection when you are on certain pages that require sensitive information (such as using a credit card), you also have the option to turn on this protected connection when viewing any page across LinkedIn.
4. Keep your password up to date to help safeguard your LinkedIn account: Best practices for password security include:
- Change your password every few months.
- Don't use the same password on all the sites you visit.
- Don't use a word from the dictionary.
- Think of a meaningful phrase, song or quote and turn it into a complex password using the first letter of each word.
- Randomly add capital letters, punctuation or symbols.
- Substitute numbers for letters that look similar (for example, substitute "0" for "O" or "3" for "E").
- Never give your password to others or write it down.
- Sign out of your account after you use a publicly shared computer.
5. Watch out for phishing and spam emails requesting personal or sensitive information: Phishing is a common tactic that criminals use to try and steal your information, and your money, so you should always be on the lookout for fraudulent emails. LinkedIn will never ask for users' sensitive personal or financial information via email. To confirm whether or not a message is really from LinkedIn, here are a few things to look for:
- All valid LinkedIn messages will contain a security footer.
- In general, it's not a good practice to open any attachments or click any links in an email that seems suspicious, or that is from a person or company you don't know.
A few indicators should raise your suspicions that an email claiming to be from LinkedIn is not legitimate:
- The message tells you to open an email attachment or install a software update. LinkedIn will never ask you to do this.
- The message contains bad spelling and grammar.
- The message contains a threat of some kind, such as, "Your account will be deleted unless you act right away."
Before clicking on any links within an email, move the cursor over the links to see where they actually direct you. If an email claiming to be from LinkedIn directs you anywhere but back to the LinkedIn website, you can treat the message as a phishing attempt.
LinkedIn members can learn more about protecting their accounts by visiting LinkedIn's online Safety Center.
Originally published on BusinessNewsDaily.