Readit News logoReadit News
Posted by u/willmadden 2 years ago
LinkedIn forcing me to disclose my phone number to log in? No thanks
I've used Linkedin for over two decades. Now I'm being forced to disclose my mobile number in order to log in.

Given their track record of being hacked, I'm reluctant to share it with them.

Moreover, I'm already inundated with spam phone calls, and I'm not looking for another source. This is a thinly veiled attempt to harvest my data so they can hide it in a page with six dozen toggles which will periodically make my phone number visible to people who buy it if I am not logging into check what they've changed every day. Have you seen how difficult it is to opt-out of email notifications using their website?

If they were actually concerned about my security, they would give me other 2FA options that are more secure, like a Yubikey or authenticator application.

No thanks. I'm done with Linkedin.

tarek_computer · 2 years ago
I hear you. I just got officially banned permanently yesterday. I do not use their app except the web. Last month I was kicked off because they claimed that I am using an automation tool, which I don’t. The second time they kicked me out, they asked me to confirm that I do not use an automation all. I said I don’t. Yesterday, I got kicked out and was told to upload a government id such as a driving license. Shortly after, I got a message “ We've deemed the activity in your account is in violation of the LinkedIn User Agreement and Professional Community Policies. Your appeal has been denied and your account has been restricted permanently.

Please see our User Agreement and Professional Community Policies for more information.”

I am not able to talk or ask anyone at LinkedIn why I have been banned. Is it because I don’t use their app? I don’t know.

charcircuit · 2 years ago
Are you using Chrome? Do you have any extensions?
DaiPlusPlus · 2 years ago
Good point - hijacked Chrome extensions are a huge, huge security risk, especially because auto-update is on by-default. It's entirely possible every time you login to LinkedIn some dodgy code in your browser is harvesting your cookies to pass to some bots who then scrape LinkedIn.

Auto-updating extensions, and software in general, is a huge risk that people still seem unconcerned about: popular extension authors get approached by scummy ads/data/"analytics" companies all the time to inject spyware or adware into their software (even me: I have a couple of Chrome extensions with only about 20k regular users and I get an email to Chrome Developer Dashboard address every couple of months, asking me to add a small bit of JS which in-turn loads in other arbitrary JS which could be doing anything to my users' browsers - I'm proud to say that I reply to each and every of those e-mails with feigned interest, as the only morally correct course of action here is to waste their time.

tarek_computer · 2 years ago
Nothing. I only use safari to access LinkedIn via iOS and Mac OS.
universenz · 2 years ago
Right? Dude, please provide some additional context around your web browser stack because something you’re using is triggering their system. That or you’re click house neighbours are using your wifi.
TZubiri · 2 years ago
It's a standard measure to increase the cost of fake identities to decrease spam and Sybil attacks.

If you exclusively belong to communities that don't have such measures, you will be dominated by third parties who create mass accounts instead of the platform.

Choose your poison I guess.

blibble · 2 years ago
if the guy has had the account for 20 years without being banned then he's probably not a bot

its a data harvesting exercise

avarun · 2 years ago
You would think that, but you’d be wrong. Old inactive accounts get purchased and sold to bot networks all the time.
michaelteter · 2 years ago
Not to defend Linkedin, but it is always possible that new measures (filters) are devised by people who don't consider all the possible parameters.

In other words, some less-thinking Linkedin employee decides to do a thing without adequate consideration of all the information available (such as length of time of membership). Maybe Linkedin let some moron apply rules, or Linkedin is grabbing data for marketing/sales purposes, or there's an explanation we haven't realized yet.

throwawaysleep · 2 years ago
Aged Reddit accounts have a decent market. LinkedIn could easily be the same.
freitzkriesler2 · 2 years ago
I'm embarrassed to admit this but I created a fake LinkedIn account of a woman I used to rope in men for sales calls. I "friended" probably 200 odd linked in open networkers over the course of a week and then would flirt with guys using my catfish account.

Those guys would enevitably get sappy and I would rope them onto a sales call with me as a bait and switch. I hated doing sales as well as myself and got out of it in a year.

Making a fake burner linked in was trivial.

lusus_naturae · 2 years ago
What were you selling, and was your flirting via the LI app?
tamimio · 2 years ago
If you don’t need LinkedIn, don’t use it, I can’t think of any other “social media” platform that’s so cringy and weird like LinkedIn, there’s something off putting about it that no matter how I promise myself to be active there, I stop after one day. If you need it however, just get a burner phone, that’s what I do, I have a second number for all these kind of stuff, my personal never shared in any online service.
wkat4242 · 2 years ago
It's indeed sickening how seemingly sane people constantly repeat the company PR line like brainless little corporate drones. Or post stupid jokes or "investment opportunities". I immediately unfollow everyone on my feed when I see them do that. I have very few people still on it.

LinkedIn brings out the worst in people but in a really weird corporate PR packaging. Or some people really believe in their own marketing. I can't decide what's worse.

Ps I also hate all the sales people using LinkedIn to find my details and offer commercial services, usually totally irrelevant to my job. I block them and their companies immediately. But I wish I could report them to spamhaus or something. Microsoft 365 does nothing with the reports because most spammers are also their customers.

chunk_waffle · 2 years ago
LinkedIn is hot nuclear garbage. Most of the job listings are ghost jobs and the rest are ones I'd not want anyway.
OldGuyInTheClub · 2 years ago
I'm adding "hot nuclear garbage" to my maledictionary and will use it proudly (with attribution.)

I had an account in 2013 for about a month. I was old back then and quickly got sick of entry level jobs in unrelated fields "recommended" to me along with the gagworthy "Boosters-Pep!" corporate religion articles.

danwee · 2 years ago
It's easy to distinguish which jobs are fake and which are legit. At least in IT I can do that. Linkedin is crap, but it's one of the places in which you can get to know which companies are out there.
danwee · 2 years ago
I won't be the one defending Linkedin, but:

- I got all my jobs via Linkedin (e.g., either a recruiter reaches to me, or I reach a recruiter working for company X, or I search through their job ads, etc.)

- I do not use Linkedin for anything other than job search. So one can easily not look at their timeline nor stupid social posts (linkedin notifications are off, and I do not receive any notification via email)

So, yeah, it sucks if they start asking for phone numbers.

EVa5I7bHFq9mnYK · 2 years ago
I created a linkedin account once, didn't even post any resume, and it somehow found and connected me to coworkers from many years ago, whom I absolutely didn't want to know where I work and what I'm doing. Beyond creepy. I deleted account immediately and won't touch linkedin with a ten foot pole.
macintux · 2 years ago
Unfortunately all social media has become hot garbage. I re-activated my LinkedIn account because my job is at risk right now and I have no other way to contact former co-workers.

Twitter used to be my way to keep in touch. Alas.

deelowe · 2 years ago
It gives me Cyberpunk vibes.
demondemidi · 2 years ago
I have a friend who is a lawyer and has access to LexisNexis. When I found out what is in there for sale (and it's like a 30 year old service!), I kinda wanted to give up. It all feels like "Privacy Theater". Why would I worry about linked in when people can buy my most private info from so many places that I didn't even know existed?

Are we just kidding ourselves? (I live in the USA.)

landemva · 2 years ago
My approach has been, gradually, to put everything into LLCs and trusts. Mailing address is one of the storefront vendors. Two real phone numbers and a couple VOIP numbers. I mostly use Signal for people I want to speak with.

I don't yet have a good screen of the address on my driver license, as I get some perks where I live and want to keep that for now. I am using passport more domestically for ID because it does not have an address.

Basically, don't put any property or services in your name, and all mail uses the storefront address. I suppose rich folks have wealth management person at bank who recommends an attorney for these schemes. It wouldn't scale at reasonable price point to make a service for this, though I have considered it. Most people "don't have anything to hide" so they will not see value in such a service. If people won't opt out of TSA's voluntary full body scans, they won't be interested in privacy.

You can't screen everything overnight without help, so start small like put a car in a trust or LLC with address somewhere else.

The downside, or upside?, is that on paper you will have nothing. Definite upside is keeping controlling paperwork straight and replicated to people I trust.

ericbarrett · 2 years ago
Note that if you are in the US, you will have to report yourself as beneficial owner of these LLCs to FinCEN starting Jan 1 2024[0]. The government super duper promises not to leak the info[1].

[0] https://www.fincen.gov/beneficial-ownership-information-repo...

[1] https://www.federalregister.gov/documents/2022/12/16/2022-27...

Dead Comment

willk · 2 years ago
It does seem like they have a lot. I’m on mobile, so I just glanced at the site.

https://supportcenter.lexisnexis.com/app/answers/answer_view...

Deleted Comment

Deleted Comment

aesh2Xa1 · 2 years ago
You can freeze or opt-out to protect your privacy.

https://consumer.risk.lexisnexis.com/freeze

https://optout.lexisnexis.com/

demondemidi · 2 years ago
Thanks! I filled it out and it said "Your request to have information suppressed from publicly facing public records products has been received and is in process."

So that sounds like a big-F-me. "public facing"? So private is still OK? Bah! I don't know what I'm doing. :)

esafak · 2 years ago
And they have the cheek to ask you your SSN on your way out. Nice!
eganist · 2 years ago
lol, this inspired me to try to opt-out of LN and I got this beautiful and intimidating warning.

https://consumer.risk.lexisnexis.com/img/State_Use_of_Indivi...

kevin_thibedeau · 2 years ago
That's a nice business you got there. Shame if something were to happen to it...
dc3k · 2 years ago
It is infuriating how many websites require you to give out your phone number in order to sign up or log in these days.
DaiPlusPlus · 2 years ago
I would like to see a better alternative way to discourage both bot-accounts and, to a lesser extent, human-farmed accounts.

Well, we do, and it’s Device Attestation, but that’s just as bad, if not worse, honestly - at least with a phone-number we can use our own hardware.

soraminazuki · 2 years ago
From a user standpoint, I'd take privacy over not actually secure "security" practice any day.
drexlspivey · 2 years ago
Scanning your eyeballs?
wyldfire · 2 years ago
There is no better unique identifier around. perfect for mapping this website's data to Every Advertisers Data Ever.
freitzkriesler2 · 2 years ago
The best solution I have to fixing this is somewhat complicated but worth it.

First get a prepaid phone number and the card for it using some backup phone you have.

Then port that number to Google voice or some voip text service.

For some reason, when you sign up with google voice or a voip service using their number allocation tool, services know that it's a voip number.

But when you port it, they never seem to find out. I think because the profile tag for the number on the exchange side doesn't change. Someone who knows how phone infrastructure works could probably explain how the backend works.

This is how I get around 2fa using Google voice if the service doesn't want me using a voip line.

willmadden · 2 years ago
I might try this. There's no way I'm giving linkedin my phone number.
RecycledEle · 2 years ago
Demanding a phone number will not help stop the fraud.

HR execs advertising for nonexistent positions have drawers full of burner phones.

I wish fraudulent job advertisements were prosecuted as felonies. The value is typically in the hundreds of thousands of dollars, but there are no prosecutions.

wyclif · 2 years ago
What is the motivation for HR execs to flood the site with nonexistent positions, and does LinkedIn do anything to stop abuse like that?
chamoda · 2 years ago
I think there’s a pattern to increase follower count when people apply for jobs. There’s a check box automatically checked asking to follow, that means when you apply most likely you will follow the company.
ajcp · 2 years ago
Yeah, I'm at a loss for the value of that exercise. That being said I'm sure there's some super domain specific and esoteric reasoning.
akomtu · 2 years ago
Looks like big tech, chasing those +25% YoY, is progressing from data theft to data extortion: "hey, you've got a nice decade old profile with us, with lots of valuable connections, it would be sad to have it gone! you have 24 hours to give us more data, otherwise we can't guarantee safety of your profile. have a wonderful day!"