LinkedIn's Default Email Visibility to Connections Poses Security Risk

Cybersecurity expert Jeremy Banon recently highlighted a significant privacy concern on LinkedIn, warning users that their primary email address is often visible to their connections by default. This setting, while seemingly innocuous, can expose users to increased risk from attackers. Banon emphasized the importance of adjusting privacy settings to prevent this potential vulnerability.

According to LinkedIn's default settings, a user's primary email address is typically visible to their 1st-degree connections. This visibility can extend to people who are email contacts or through integrated applications like Outlook, as confirmed by LinkedIn's own help resources. Many users may be unaware that this personal information is shared with their professional network.

The default visibility poses a considerable security threat, making it easier for malicious actors to gather information for targeted attacks. As Banon stated in his recent post, "Matching a personal email to a profile is valuable to attackers prospecting you." If a connection's account is compromised, cybercriminals could gain access to a user's email, facilitating phishing attempts or social engineering schemes.

To mitigate this risk, Banon provided clear steps for users to enhance their privacy. Users can navigate to "Settings and Privacy," then "Visibility," and finally "Email Visibility" to change the setting to "Only visible to me." This action ensures that the email address associated with the LinkedIn account remains private, accessible only to the account holder.

Regularly reviewing and updating privacy settings on professional networking platforms like LinkedIn is crucial for maintaining digital security. Cybersecurity experts consistently advise users to be proactive in managing their online footprint. Taking simple steps to control who sees personal contact information can significantly reduce exposure to potential cyber threats and safeguard professional identities.