Last updated on April 30th, 2014
Last week LinkedIn introduced a new feature they dubbed Intro. Intro’s stated purpose, according to LinkedIn’s blog, is to display the LinkedIn profile of people who email you on your Iphone, purportedly to save you a step in trying to glean info on people you don’t know that email you. Intro is supposed to help you quickly identify spam as well as instantly provide information to you that might be helpful in closing a deal.
How LinkedIn Intro Works
The way Intro works is pretty simple: every piece of email that you send or receive is filtered through LinkedIn’s servers, where information contained therein is scraped and analyzed. If a LinkedIn user profile is located that matches the email address of the person you are corresponding with then that person’s LinkedIn information is included within the body of the email.
Security concerns of LinkedIn Intro
Although LinkedIn says emails routed through their servers are “deleted from our system” once the user has retrieved the email, the truth is this unnecessary “intro” essentially grants LinkedIn the permission to set up a form of a “man in the middle” attack, where an email is logged and then passed on to the intended recipient. Besides the fact that Intro might be a tasty lure for a phishing attack from an outside hacker…and given LinkedIn’s less-than-stellar security track record…One must consider whether or not they really want to turn over all of their emails to a social media company known for trying to squeeze every last dime out of the data they possess.
This video from Newsy does a great job explaining the security concerns of LinkedIn Intro: