By now hopefully it's old news to you that LinkedIn was hacked. At minimum 6.5 million people had their LinkedIn passwords at risk of being breached via the hacking of their profiles. I am not going to go into detail on this now but have included a few links at the bottom of this post.
As I did a few searches this morning for what the latest was with LinkedIn and what our team needed to do to protect ourselves I was a bit shocked with what I found.
You know the old saying about how people do the same thing everyone else is doing even if it's not the right line, longest line or could do harm? Well, this is a perfect scenario of such.
1. Site created by @Shiflett claims to check if your account was hacked by LinkedIn. I don't want to link to it from here because I am not sure if it will someday be put on a black list, so don't want to risk it being linked from my blog or other sites where my blog gets syndicated.
4. If the site confirms you were hacked you get this message:
5. If site confirms you did not get hacked, you get this message:
6. This would leave one to believe that they are either a victim or not a victim. No where on the site does it state or not state that they are associated with LinkedIn. However, the content definitely leads one to believe that they are, since they state they will tell you if you are a victim or not?
7. Worse, when you click on the “sorry friends” link, you are taken to one of their projects. A share toolbar of some sort. Similar to the main page there is no explanation of what the bar is or why you should give a rip.
8. I tweeted about my concern for the site and the way the team was misleading folks. Below are a few of the tweets that resulted.
9. I think their team definitely gets an “A” in creativity and agility / time to market. However, it is also clear they took advantage of people who were desperate for information, mislead them to some degree and in the end push them to a page with their own product/project versus using the opportunity to make new friends via trust and good, accurate information.
10. My point is I think they truly missed an opportunity to connect in a more genuine way with a market that had their eyes on them.
What Should Have Happened!
They look like a great team, smart, have good coding experience, etc. Heck, we are always in need of good geek programmers and I am currently seeking some geeks to partner with for some of the fab ideas busting out of my head. It's what errrked me about this whole scenario. It's the missed opportunity.
Had they instead done the following I would be a good sum of money their ROI would be much higher than their current approach of a little fact, a little persuasion and a little misrepresentation.
What They Should Have Done…
1. Branded the page clearly with their names & their brand for maximum brand awareness. Keep it simple and let it be known it was a beta page thrown up for fun.
2. Show their geek side. Explain how & why they launched the site. They link to the blog post but many didn't notice it and felt played by the LinkedIn logo & lack of content on first landing page.
3. Be honest. Explain what it is and what it is not. LinkedIn has not validated that you are a victim or not by running the test on this page.
4. Delete, remove, scratch the push to their own project sharebar or whatever it is. Be my friend first, get to know me then sell me.
5. Invite me to their Facebook page for ongoing conversation or a quick Pinterest board where they commit to posting updates.
6. Add an easy to find opportunity to opt-in to their email updates.
7. They could then leverage the email to create an ongoing relationship with you and me. They could later tell me about the bookmark/sharebar and I might actually take time look and learn.
I tried sharing some of these tips with them via Twitter when they chimed into my discussions several times. They didn't seem too interested and seem to think they have it all figured out.
All I can say is “good luck on that one!”
So What Should You Do About the Breached Passwords:
1. Change the password
2. Change all site passwords that used the same passwords.
3. Do a security check on your user names/ passwords on all sites.
4. Don't give your passwords to strangers, even if they are nice. These guys were nice I think. However, what if they had of been bad nice guys? ;)
More Information on LinkedIn Security Hack:
Taking Steps to Protect Our Members 6/7/12