What Cybercriminals Learn About You From LinkedIn and Company Websites

In the world of cybersecurity, public information is ammunition. And for cybercriminals, two of the most valuable open sources of reconnaissance are hiding in plain sight: your LinkedIn profiles and your company website.
While most businesses focus on defending against malware, ransomware, or phishing links, they often forget that the first stage of any serious cyberattack is reconnaissance. Cybercriminals are watching what you post. They’re reading your job descriptions. They’re mapping out your company’s structure, technologies, and weaknesses, all without ever touching your network.
In this post, I’ll show you how attackers weaponize your public presence, the specific data points they extract, and how you can harden your digital footprint without sacrificing visibility.
Why Recon Matters: The First Stage of the Cyber Kill Chain
Before cybercriminals breach your firewall or send a phishing email, they spend time profiling your organization. This is called Open-Source Intelligence (OSINT). Their goal is simple:
- Understand how your business works
- Identify who to target
- Learn what technology you use
- Find ways in that won’t raise red flags
LinkedIn and company websites provide a goldmine of intel for this process.
What Cybercriminals Learn From LinkedIn
1. Employee Hierarchies and Key Roles
Job titles like “Chief Financial Officer” or “Accounts Payable Specialist” tell attackers who might have financial access or authority. “IT Administrator” or “Network Engineer” reveals who manages infrastructure and, often, privileged credentials.
2. Team Structures and Departments
Attackers use this to craft highly targeted spear phishing campaigns. If they know your HR manager’s name, they’ll spoof an email to payroll. If they know your CEO is out of office because they posted about a conference, they’ll impersonate them in a BEC scam.
3. Tools and Technologies
Employees proudly list tools like Salesforce, AWS, Microsoft 365, or Fortinet. For an attacker, that’s like shouting out your tech stack. Now they know what vulnerabilities or exploits to look for.
4. Current Projects and Campaigns
Announcing a new cloud migration initiative or remote work rollout shows attackers when your team is distracted and where potential misconfigurations might exist.
What They Learn From Company Websites
1. Organizational Structure and Contact Info
Company “About Us” pages often include names, emails, phone numbers, and sometimes bios. Great for building social engineering profiles or creating fake email identities.
2. Vendors and Partners
List of partners? Perfect. Attackers can target third-party vendors to gain indirect access to your systems.
3. Login Portals and Exposed Links
Many company websites link to portals like employee login, client dashboards, or admin pages. Cybercriminals crawl sites for these and launch brute force or credential stuffing attacks.
4. News and Press Releases
Your latest press release announcing a new product launch or office expansion shows where your attention is. That’s when attackers strike.
Real-World Case: How OSINT Enabled a Successful Attack
During an investigation for a mid-sized marketing agency, we discovered the initial breach began with a custom phishing email that impersonated their CEO.
The attacker had used LinkedIn to identify the CEO’s executive assistant, confirmed via the company’s team page, and noticed the CEO was attending a public event he had posted about on LinkedIn. The attacker then sent a spoofed email from a Gmail address that looked nearly identical to the CEO’s, urgently requesting a wire transfer before he boarded a flight.
Twenty-seven thousand dollars was sent. No malware. No exploit. Just public data and smart social engineering.
How to Reduce Your OSINT Footprint Without Going Invisible
1. Limit Oversharing on LinkedIn
- Avoid listing internal tools, exact tech stacks, and sensitive project names
- Encourage employees to use generic role descriptions such as “Finance Professional” instead of “Head of Wire Transfer Operations”
- Train your team to recognize social engineering risks from over-disclosure
2. Harden Your Company Website
- Avoid publishing direct contact emails; use contact forms instead
- Remove or obfuscate URLs to internal portals
- Review site metadata for sensitive information embedded in page code
- Hide “employee login” pages behind a separate domain or VPN
3. Enable External Threat Monitoring
Use tools like:
- HaveIBeenPwned for leaked employee credentials
- SpyCloud, SOCRadar, or Recorded Future for brand and OSINT monitoring
- Google Alerts for your company’s name and key personnel
4. Create an OSINT Audit Process
- Review public-facing employee profiles and company content quarterly
- Search your domain in Google with advanced operators, for example:
  site:linkedin.com "company name"
  site:yourdomain.com filetype:pdf
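The website-hardening checklist above (exposed contact emails, links to internal portals, sensitive metadata in page code) and the quarterly audit process can be turned into a repeatable self-check. The script below is an added example written for this post, not a tool the author describes: it parses a page's HTML and reports exposed e-mail addresses (both mailto: links and addresses in visible text), links whose URL suggests a login or admin surface, <meta> tags that reveal the CMS or a named employee, and developer comments left in the source. The sample "About Us" page for Example Corp is constructed inline so the script runs offline; in a real audit you would feed it the HTML of each public page on your own site.

```python
"""Self-audit of a public web page for OSINT leakage: exposed e-mail addresses,
links to login/admin portals, revealing <meta> tags and leftover HTML comments.
Runs offline on a constructed sample page (hypothetical Example Corp)."""
import re
from html.parser import HTMLParser

EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")
# Path/host words that usually mark an authentication or administrative surface.
PORTAL_RE = re.compile(r"(login|signin|sign-in|admin|portal|intranet|vpn|dashboard)", re.I)
# Developer leftovers that commonly name internal systems or unfinished work.
COMMENT_RE = re.compile(r"(todo|fixme|internal|staging|password|https?://)", re.I)
# <meta> names whose content tends to reveal the CMS version or a named employee.
SENSITIVE_META = {"generator", "author"}


class FootprintParser(HTMLParser):
    """Collects the parts of a page an OSINT reviewer cares about."""

    def __init__(self):
        super().__init__()
        self.emails = set()
        self.portal_links = []
        self.meta = {}
        self.comments = []
        self._text = []

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "a" and a.get("href"):
            href = a["href"].strip()
            if href.lower().startswith("mailto:"):
                # mailto: links leak the address even when it is not shown as text.
                self.emails.add(href[7:].split("?")[0].lower())
            elif PORTAL_RE.search(href):
                self.portal_links.append(href)
        elif tag == "meta":
            name = (a.get("name") or a.get("property") or "").lower()
            if name in SENSITIVE_META and a.get("content"):
                self.meta[name] = a["content"]

    def handle_data(self, data):
        self._text.append(data)

    def handle_comment(self, data):
        if COMMENT_RE.search(data):
            self.comments.append(data.strip())

    def visible_text(self):
        return " ".join(self._text)


def audit_page(html):
    """Return a list of (category, detail) findings for one page."""
    p = FootprintParser()
    p.feed(html)
    p.close()
    emails = p.emails | {m.lower() for m in EMAIL_RE.findall(p.visible_text())}
    findings = [("exposed_email", e) for e in sorted(emails)]
    findings += [("portal_link", h) for h in p.portal_links]
    findings += [("metadata", f"{k}={v}") for k, v in sorted(p.meta.items())]
    findings += [("dev_comment", c) for c in p.comments]
    return findings


def summarize(findings):
    """Count findings per category, e.g. for a quarterly audit report."""
    counts = {}
    for category, _ in findings:
        counts[category] = counts.get(category, 0) + 1
    return counts


# Constructed sample "About Us" page for a hypothetical Example Corp (not a real site).
SAMPLE_HTML = """<!DOCTYPE html>
<html><head>
  <meta name="generator" content="ExampleCMS 4.2">
  <meta name="author" content="Jane Doe">
  <title>About Us - Example Corp</title>
</head><body>
  <!-- TODO: remove before launch, staging box is staging.example.com -->
  <h1>Our Team</h1>
  <p>Jane Doe, CFO - <a href="mailto:jane.doe@example.com?subject=hi">Email Jane</a></p>
  <p>Press enquiries: press@example.com</p>
  <a href="/about">About</a>
  <a href="https://intranet.example.com/login">Employee Login</a>
  <a href="https://example.com/admin/">Admin</a>
</body></html>"""

if __name__ == "__main__":
    for category, detail in audit_page(SAMPLE_HTML):
        print(f"{category:14s} {detail}")
    print(summarize(audit_page(SAMPLE_HTML)))
```

Each finding maps back to an item on the checklist: exposed_email to "use contact forms instead", portal_link to "remove or obfuscate URLs to internal portals" and "hide employee login pages behind a separate domain or VPN", metadata and dev_comment to "review site metadata for sensitive information embedded in page code". Running it over every page each quarter, and diffing the output against the previous run, gives you the audit trail the process calls for.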
5. Educate Your Staff
Host regular security awareness sessions focused on:
- LinkedIn hygiene
- Social engineering
- Real-world examples of OSINT-enabled attacks
Final Thoughts
In today’s digital world, your threat surface isn’t just your network; it’s your narrative. What your employees post, what your website reveals, and what attackers can learn without lifting a finger may be all they need to compromise your business.
You don’t need to go dark. You just need to be intentional. Because to a cybercriminal, your LinkedIn activity isn’t marketing; it’s a map.
Let’s close the map. Let’s harden the perimeter.
And as always, let’s discuss security.