XING and LinkedIn:
Know your privacy settings
Social engineering attacks are aimed at exploiting you as a computer user to infect systems or steal data. Criminals usually follow a certain procedure: First, information is collected from freely accessible sources in order to obtain the most comprehensive possible picture of the target person. Then a plausible sounding pretext is found to get in contact with the target person and to build up a relationship of trust. This is exploited by attempting to infect the computer, obtain sensitive information or order a payment by means of a sent link or file. You can make life much harder for criminals by paying attention to what personal information you disclose publicly.
The following information is particularly valuable for criminals: contacts (who knows whom - can one possibly refer to a "common acquaintance"?), the department and position in the company, former employers, organisations or interests.
Customizing data privacy settings in XING:
XING's default data protection settings are very generous without any action on your part. For example, a member's contacts are publicly visible to everyone. To adjust your data protection settings, click on the cogwheel in the navigation bar at the top right and then on the menu item "Settings". The settings menu is available only in German in the current Beta version. Select the sub-item "Privatsphäre".
The "Privatsphäre" menu allows you to adjust the settings concerning e.g. your contacts, activities and portfolio. IT-Seal particularly recommends to make the contact list visible only to your own contacts.
If XING is used as a network in the broader sense and not every contact request is checked in detail, the setting "nobody" should be selected here.
Customizing the privacy settings in LinkedIn:
Unlike XING, LinkedIn's privacy preferences are more restrictive. For example, the contact list can only be viewed by direct contacts. However, personalized data protection settings can also be selected here.
To do this, click on the "Me" button in the navigation bar and select "Settings & Privacy".
Then navigate to the "Privacy" area. Here you can set whether your e-mail address is displayed for contacts, what information is shared on your public profile, or whether information about you may be displayed on your employer's pages.
In general, we recommend that you share as little personal information as possible publicly and check that you really know the person before accepting contact requests.
Be aware of what information is publicly available about you and how it can be used by criminals.
Are you interested in social engineering and phishing? Visit us at www.bleib-wachsam.de to learn how to recognize phishing emails or identify the target of a link.