Wednesday, June 27, 2012

5 Dirty Tricks For Using Your Stolen LinkedIn Password

(In response to the LinkedIn spill of 6.5 million passwords into the wild.  Here are five actions your password's new owners might take for personal enrichment.)

1) Use your liberated password to cull your LinkedIn account for the people who know things, like for instance: your confidential sources, your Department of Defense contacts (if you have any), your IT admins, your client contacts, and the people you know in other compartmentalized aspects of projects.
2) Use it to get to know who you know: to sell to and steal from the people you know in business - to review your correspondence for tips on what you share and with whom, as prep for trick #3.
3) Use password to lock you out of your own account while corresponding with other people in your network to set up spear-phishing attacks -- use correspondence to create a very passable facsimile of you.  You've just been cloned.  
4) Get into other accounts on other sites using your password . . . in other words, use this 6.5 million password database when conducting brute-force attacks on other sites across the web.
5) Add your password to help grow black-market databases kept on individuals from data spilled, scraped, stolen, and subpoenaed from across the web.  In other words, resell it in association with other related data on you.

Please add your own dirty trick to comments back on Associated Blogs.