Tag: social media hardening

No, I still won’t accept your LinkedIn invitation.

I made the above statement on LinkedIn once my invitation queue hit 40, and you could say it went a bit viral. That wasn’t surprising, but what was surprising was the reaction from some people who (based on their job titles) were either in tech or even in cybersecurity.

43 and counting…

LinkedIn IS used for recon. It is used for phishing. It is used for creating sockpuppets and spreading fake networks. Accounts are taken over, ransomed, or otherwise used to further malicious intent. All of this is well-known and easily verifiable with a quick search.

Yet these professionals essentially all get stuck on “if your profile is public (even partly), then not accepting invites doesn’t increase your OPSEC.”

My brother in Christ, OPSEC is not a constant state, is it the end-all-be-all. If nothing else, I don’t want to be the guy who accepted the shady invitation from an account that was later used to contact and phish our CEO.

On top of everything, since I published that original post, we’ve learned that Topline has basically scraped all LinkedIn user data (or repackaged a lot of older scraped data) and is using it to sell their service. In October, LinkedIn also sued ProAPI for scraping legitimate data through more than a million fake accounts.

So once again, I’ll remind everyone: everything you do on LinkedIn publicly will get scraped. Everything you do on LinkedIn privately will get used to train their AI LLM.

LinkedIn is brainrot, and joke’s on me for having a profile. The only winning move is not to play.

the only career advice i have is make every decision that moves you closer to not having to be on linkedin
— dax (@thdxr) January 5, 2025

By Joel Lattoin Privacy & Security01/12/202501/12/2025270 WordsLeave a comment

WhatsApp Privacy Settings

WhatsApp being a closed source app, owned and operated by Facebook, there’s not much you can do to protect your privacy from that angle. You can, however, limit the amount of data you expose to other WhatsApp users. These are all the privacy settings and tricks for WhatsApp you should be using.

Continue reading “WhatsApp Privacy Settings” →

By Joel Lattoin Privacy & Security12/08/202012/08/2020203 WordsLeave a comment

Instagram Hardening – Private Profile is NOT Enough!

First things first: Instagram is owned by Facebook. As such, no matter your settings or how you operate the app, you can never obtain real privacy on the platform. There exists a decentralized, ad-free alternative called Pixelfed that seems to have been getting some praise, but without personal experiences I can’t say much about it. Still worth the look if you’re thinking about migrating from Instagram.

Alright, now on to the guide. Here are the concrete steps you should take in order to increase your privacy and security on Instagram.

Continue reading “Instagram Hardening – Private Profile is NOT Enough!” →

By Joel Lattoin Privacy & Security14/06/201902/03/2020746 WordsLeave a comment

How to Setup LinkedIn for Better Privacy and OPSEC

NOTE: Due to changes in LinkedIn features, privacy settings, and their policies in general, this guide is now mostly outdated. A more up to date article can be found on F-Secure’s site: https://www.f-secure.com/en/articles/is-linkedin-safe-how-to-spot-fake-profiles-and-secure-your-account

When it comes to privacy and social media platforms, LinkedIn is the necessary evil we have to put up with. While it’s a no-brainer to delete your Facebook account, but as so much of job recruitment revolves around LinkedIn, it’s a lot harder to severe ties with it. Many companies don’t even post their career opportunities anywhere else than on LinkedIn, and prefer applications that come directly through the platform. It’s also a great tool for headhunters to find suitable candidates.

So let’s assume you have a LinkedIn profile, you want to build up your online resume and personal brand, and want to be able to jump on an opportunity if it presents itself. However, you can accomplish all that without revealing every aspect of your professional self for the whole world to see by default. Let’s start of with LinkedIn settings and then move on to behavior on the platform, and other tips.

Continue reading “How to Setup LinkedIn for Better Privacy and OPSEC” →

By Joel Lattoin Privacy & Security13/05/201901/12/20251,992 Words3 Comments

4 Steps to Harden Your Twitter Account

As data breaches and identity thefts are happening left and right, day and night, the best time to secure your Twitter account was yesterday. Here’s four straightforward steps you should take in order to significantly decrease the possibility of your account getting accessed by an outsider. Most of these things are applicable to other online services as well, so once you’re done hardening your Twitter account, take a critical look at your other accounts both on and off social media.

Continue reading “4 Steps to Harden Your Twitter Account” →

By Joel Lattoin Privacy & Security02/04/201922/11/2019466 WordsLeave a comment

Reddit Privacy Settings Guide (updated 2021)

Compared to other social networks, Reddit is a bit more barebones in terms of features and therefore also in terms of privacy settings. Here’s a handy list of the things you can do to harden your Reddit account.

Continue reading “Reddit Privacy Settings Guide (updated 2021)” →

By Joel Lattoin Privacy & Security12/05/201704/03/2021284 Words4 Comments