An article published on Krebsonsecurity.com just exposed a neat little trick using LinkedIn to find the email addresses that that person registered when they signed up for the service. The feature in question is the ability to sync (or upload) a list of your contacts to see who else is in LinkedIn.
As the article states, just about every social media website has some version of this feature, so that you can connect with others using the same site. Here is the response LinkedIn had to the author of the article and what they are planning to mitigate the “exposed” email addresses.
“We are in the process of implementing two short-term changes and one longer term change to give our members more control over this feature,” Linkedin spokeswoman Nicole Leverich wrote in an emailed statement. “In the next few weeks, we are introducing new logic models designed to prevent hackers from abusing this feature. In addition, we are making it possible for members to ask us to opt out of being discoverable through this feature. In the longer term, we are looking into creating an opt-out box that members can choose to select to not be discoverable using this feature.”
Read the entire post here.
During my own sourcing, I have already seen what appears to be new limitations in syncing contacts. I have not been able to confirm what they are but some things have changed. This will be the subject of my talk at SourceCon in a couple of weeks, assuming it’s still a viable. Also, I’d like to thank David Galley for the tip and pointing the article out to me!
image credit: bigstock