Many e-mail alerts LinkedIn used to notify its users on how to reset passwords accessed by hackers landed into spam boxes, claims email security vendor Cloudmark. This means many users, who suffered from the recent data breach, are still not yet aware their passwords have been compromised.
In a blog post, Andrew Conway, a Cloudmark researcher, said there've been a massive hike in e-mail spam of LinkedIn users, but they all were legitimate and were from LinkedIn, alerting users about the password reset.
"Over 4 percent of the people receiving this email thought it was spam and sent it straight to the bit bucket," Conway pointed out. "If Linkedin sends out 6.5 million emails, then a quarter of a million people are congratulating themselves on avoiding spam -- and still have a compromised Linkedin password."
Cloudmark further says LinkedIn made sure that its e-mails did not dump in spam boxes. It added special coding to the message to ensure it is legitimate, addressed the user by name and didn’t have any links to click on.
“Part of the problem,” Conway highlighted, “is that people are used to getting email that they don’t want from Linkedin and rather than unsubscribe, some of them just mark it as spam and hope that it will go away.”
Last week, LinkedIn suffered a major data breach with hackers gaining access to ore than six million LinkedIn passwords. Acknowledging the hack, professional social network LinkedIn has promised of of bringing in new security features to prevent similar incidents in the future.
No comments:
Post a Comment