Wall Street & Technology is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk Management

12:39 PM
Ivy Schmerken
Ivy Schmerken
Commentary
Connect Directly
Facebook
Google+
Twitter
RSS
E-Mail
50%
50%

The Perils of Social Media: Hackers Target Linkedin Profiles

Finance and IT professionals prefer Linkedin as their social network of choice, but detailed profiles can invite hackers.

Investment banks and other Wall Street firms have embraced Linkedin as a professional social media site network with their peers, recruit talent and even set themselves up for their next job.

But think again. According to cybersecurity experts, finance and IT professionals who share every detail of their professional lives in their LinkedIn profiles are opening the door for computer hackers to target individuals in their companies.

“On Linkedin, I could in five seconds find out 10 email addresses. And I could have a good idea what their user name is and if their passwords are simple, I can take guesses,” commented Steve Schoener, VP of Technology at Eze Castle Integration, a provider of IT services, technology and consulting firm to hedge funds and investment firms.

The concern is that hackers are using social media to target individuals directly to figure out their passwords through trial and error, and attempt to gain access to applications or corporate systems. “We see social engineering [through] Twitter, Facebook and Linkedin. They’re looking at telephone and email contact. They’re looking at corporate structure information, who reports to whom, who’s in charge of special projects and acronyms they use and building that knowledge of how we talk at work,” said Dave Ostertag, global investigations manager at Verizon Business. “Now with the board an senior level managers and the staff ,enjoying Facebook, Twitter, it’s a lot easier for the bad guys to data mine information that makes it enticing for a user to be targeted and click on an email,” said Karl Smith, Head of Cyber Security Assurance Services at BT.

Companies need to train their employees to recognize social engineering and to report that to security staff, said Ostertag. They also need to report what projects or business units they are being asked bout or what specific data. As a precaution, some companies are starting to use honey pots — fictitious identities. “There might be particular titles or business units that someone is looking for information on,” he said. “You create that identity as the contact person, suggested Ostertag.

[SEC Loosens Social Media Stance: Beware of CEO Tweets at 2 AM ]

Another idea is to simply put less information into the Linkedin profile. People have a tendency to describe their role in tremendous detail and discuss all of their past jobs, said experts. But experts suggest, there is security in obscurity.

Ivy is Editor-at-Large for Advanced Trading and Wall Street & Technology. Ivy is responsible for writing in-depth feature articles, daily blogs and news articles with a focus on automated trading in the capital markets. As an industry expert, Ivy has reported on a myriad ... View Full Bio
More Commentary
A Wild Ride Comes to an End
Covering the financial services technology space for the past 15 years has been a thrilling ride with many ups as downs.
The End of an Era: Farewell to an Icon
After more than two decades of writing for Wall Street & Technology, I am leaving the media brand. It's time to reflect on our mutual history and the road ahead.
Beyond Bitcoin: Why Counterparty Has Won Support From Overstock's Chairman
The combined excitement over the currency and the Blockchain has kept the market capitalization above $4 billion for more than a year. This has attracted both imitators and innovators.
Asset Managers Set Sights on Defragmenting Back-Office Data
Defragmenting back-office data and technology will be a top focus for asset managers in 2015.
4 Mobile Security Predictions for 2015
As we look ahead, mobility is the perfect breeding ground for attacks in 2015.
More
Register for Wall Street & Technology Newsletters
Video
All Videos
Trading Floors
Slideshows
Inside Abel Noser's Trading Floor
Inside Abel Noser's Trading Floor
Advanced Trading takes you on an exclusive tour of Abel Noser's New York trading floor, where the agency broker known for transaction cost analysis, is customizing algorithms for the buy side, while growing its fixed income trading and transitions business.
More Trading Floors