Spear phishing

I’ve been wondering about the implications of LinkedIn (which one of my mates calls “Facebook for job-seeking suits”), and then came on this in an excellent piece by Patrick Kingsley in today’s Guardian.

“One of the first places a┬áhacker will visit is LinkedIn,” says [Rik] Ferguson. [Director of security research at computer protection firm, TrendMicro.] “What do we do on there? We make our entire CV available for the world to see. You can see everywhere I’ve worked in the past. You can see all my connections, see everyone I’ve worked with, everyone I know. So a hacker can assume one of those people’s identities and reference things that have happened in my professional life. And I’m far more likely to open an attachment from your email, because it’s far more credible.”

Spot on. Wonder if all the people who stampeded to get in on the LinkedIn IPO thought about that.