The Social Network That Cried “Wolf!”

Tue, Jun 12, 2012 by Andrew Conway

If you’re reading this blog, then you’re probably aware that last week 6.5 million Linkedin passwords were compromised. On Friday the Cloudmark Research team saw a huge increase in user spam reports relating to resetting Linkedin passwords. These were not because spammers were trying to take advantage of the publicity around the Linkedin fail; those emails are stopped by our regular filters and never make it to the users. No, this was a real email from Linkedin telling people whose password had been compromised how to protect their account. Over four percent of the people receiving this email thought it was spam and sent it straight to the bit bucket. If Linkedin sends out 6.5 million emails, then a quarter of a million people are congratulating themselves on avoiding spam, and still have a compromised Linkedin password.

The Linkedin email did all the right things to be regarded as genuine. It was DKIM signed, it addressed the recipient by name, and it did not contain any links, just a request to type a Linkedin URL at the command line. Even so, it was taken for spam. Part of the problem is that people are used to getting email that they don’t want from Linkedin, and rather than unsubscribe, some of them just mark it as spam and hope that it will go away.

Here’s how Linkedin compares with other social networks in the amount of genuine mail they send that gets manually reported as spam by their users.

[Figure: Linkedin Graph]

We are only taking data from DKIM signed messages here, so this chart does not contain spoofed phishing emails. As you can see, the compromised email account did particularly badly, but Linkedin in general does worse than other social networks. What are they doing wrong?
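The filtering step described above can be sketched as follows. This is an added example, not Cloudmark's code: it counts user spam reports only for mail whose DKIM pass was recorded by the receiving MTA and aligns with the From domain. The authserv-id `mx.receiver.example`, the sample domains and the simplified alignment check are assumptions, and all messages are constructed.

```python
import re
from collections import Counter
from email import message_from_string
from email.utils import parseaddr

TRUSTED_AUTHSERV = "mx.receiver.example"  # assumption: authserv-id of our own MTA

def dkim_verified_domain(raw):
    """Signing domain if our MTA recorded dkim=pass aligned with From, else None."""
    msg = message_from_string(raw)
    from_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    for header in msg.get_all("Authentication-Results", []):
        authserv, _, results = header.partition(";")
        if (authserv.split() or [""])[0].lower() != TRUSTED_AUTHSERV:
            continue  # stamped by another host (possibly the sender): not trusted
        for part in results.split(";"):
            m = re.search(r"\bdkim=pass\b.*?\bheader\.d=([\w.-]+)", part, re.I | re.S)
            if not m or not from_domain:
                continue
            signer = m.group(1).lower()
            # Simplified alignment: From domain equals or is a subdomain of d=
            if from_domain == signer or from_domain.endswith("." + signer):
                return signer
    return None

def report_rates(samples):
    """Fraction of DKIM-verified mail per signing domain that users reported as spam."""
    delivered, reported = Counter(), Counter()
    for raw, user_reported in samples:
        domain = dkim_verified_domain(raw)
        if domain is None:
            continue  # unsigned, unaligned or spoofed mail stays out of the statistic
        delivered[domain] += 1
        reported[domain] += int(user_reported)
    return {d: reported[d] / delivered[d] for d in delivered}

def _msg(sender, auth):  # builds a constructed sample message
    return f"From: {sender}\nAuthentication-Results: {auth}\nSubject: x\n\nbody\n"

A_OK = "mx.receiver.example; dkim=pass header.d=social-a.example"
SAMPLES = [  # (raw message, did the recipient hit "report spam"?), all constructed
    (_msg("news@social-a.example", A_OK), True),
    (_msg("news@social-a.example", A_OK), False),
    (_msg("news@social-a.example", A_OK), False),
    (_msg("news@social-a.example", A_OK), False),
    (_msg("sec@social-a.example", "mx.receiver.example; dkim=none"), True),
    (_msg("sec@social-a.example", "mail.sender.example; dkim=pass header.d=social-a.example"), True),
    (_msg("sec@social-a.example", "mx.receiver.example; dkim=pass header.d=bulk.example"), True),
    (_msg("hi@social-b.example", "mx.receiver.example; dkim=pass header.d=social-b.example"), False),
]

if __name__ == "__main__":
    print(report_rates(SAMPLES))
```

The three excluded samples show why the authserv-id and alignment checks matter: a forged `Authentication-Results` header or a valid signature from an unrelated domain would otherwise inflate a sender's report rate with mail it never sent.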

When you sign up for a Linkedin account, you are not asked what your email notification preferences are. You are just given these defaults without being told:

If you want to turn these off, it isn’t exactly obvious where to go. No, it’s not under Profile or Contacts or In Box or More or even Upgrade Your Account – you have to click on the little arrow next to your name at the top right of the page and go to Settings on the drop down menu. Good luck finding that before your first cup of coffee.

[Figure: Linkedin Menu]

When you do get an email from Linkedin, it may contain an Unsubscribe link (good) in tiny print at the bottom of the message (bad), it may contain an Adjust your message settings link (OK) in tiny print at the bottom of the message (blah) or it may not contain any opt out link at all (c’mon Linkedin, that’s not good enough). Best practice would be to allow email opt out at sign up time, and to make unsubscribing obvious, consistent and accessible from both emails and the web site.

Linkedin is like the little boy who cried, “Wolf.” By sending too much mail that people are not really interested in, they are getting ignored when they have something important to say.

42 Responses to “The Social Network That Cried “Wolf!””

  1. LinkedIn boosts encryption after last week's password leak | IT Security News Says:

    [...] “Over four percent of the people receiving this [warning] email, thought it was spam and sent it straight to the bit bucket. If Linkedin sends out 6.5 million emails, then a quarter of a million people are congratulating themselves on avoiding spam, and still have a compromised Linkedin password,” said Cloudmark’s Andrew Conway. [...]

  2. Amrut Says:

    I’ve tried unchecking all those boxes, still getting email from Linkedin. Really pisses me off.

  3. Bryan Says:

    I got the mail about LinkedIn’s password breach. I went to LinkedIn, performed the required password change, and then deleted my account there.

    Problem solved. Why give them personal information if they cannot be trusted with it?

  4. LinkedIn Boosts Encryption After Password Leak | | Fix-Singh - Computer Repairs LeicesterFix-Singh – Computer Repairs Leicester Says:

    [...] “Over four percent of the people receiving this [warning] email, thought it was spam and sent it straight to the bit bucket. If Linkedin sends out 6.5 million emails, then a quarter of a million people are congratulating themselves on avoiding spam, and still have a compromised Linkedin password,” said Cloudmark’s Andrew Conway. [...]

  5. LinkedIn Boosts Encryption After Password Leak | HOB Says:

    [...] “Over four percent of the people receiving this [warning] email, thought it was spam and sent it straight to the bit bucket. If Linkedin sends out 6.5 million emails, then a quarter of a million people are congratulating themselves on avoiding spam, and still have a compromised Linkedin password,” said Cloudmark’s Andrew Conway. [...]

  6. Steve Says:

    What amrut said. Still get bullshit mail even after you turn off everything.

  7. LinkedIn Boosts Encryption After Password Leak | IT Security News Says:

    [...] “Over four percent of the people receiving this [warning] email, thought it was spam and sent it straight to the bit bucket. If Linkedin sends out 6.5 million emails, then a quarter of a million people are congratulating themselves on avoiding spam, and still have a compromised Linkedin password,” said Cloudmark’s Andrew Conway. [...]

  8. LinkedIn Boosts Encryption After Password Leak | Geeklin Says:

    [...] « Over four percent of the people receiving this [warning] email, thought it was spam and sent it straight to the bit bucket. If Linkedin sends out 6.5 million emails, then a quarter of a million people are congratulating themselves on avoiding spam, and still have a compromised Linkedin password, » said Cloudmark’s Andrew Conway. [...]

  9. Mike S Says:

    Duh, this needs to go INTO THE APP, NOT AN EMAIL. This is practically rule #1 of secure communications.

  10. LinkedIn Boosts Encryption After Last Week’s Password Leak Says:

    [...] “Over four percent of the people receiving this [warning] email, thought it was spam and sent it straight to the bit bucket. If Linkedin sends out 6.5 million emails, then a quarter of a million people are congratulating themselves on avoiding spam, and still have a compromised Linkedin password,” said Cloudmark’s Andrew Conway. [...]

  11. Humans Make Poor Spam Filters – LinkedIn Alert Ignored by Thousands | SiliconANGLE Says:

    [...] to the email security firm Cloudmark, almost 4% of LinkedIn users that received emails from the company incorrectly marked those [...]

  12. Humans Make Poor Spam Filters – LinkedIn Alert Ignored by Thousands | Stop Spam Tips Says:

    [...] to the email security firm Cloudmark, almost 4% of LinkedIn users that received emails from the company incorrectly marked those [...]

  13. LinkedIn users ignore the email warning them to change their passwords because they are so used to getting mail from LinkedIn | geek in th Says:

    [...] Source - CloudMark [...]

  14. Hoping To Avert Disaster, Facebook Pins Link To Security Tips Atop Every User’s News Feed | TechCrunch Says:

    [...] wouldn’t have to rely on emailing users to get them to change their own passwords, which the Cloudmark blog showed doesn’t work so well since those messages often get ignored like [...]

  15. Hoping To Avert Disaster, Facebook Pins Link To Security Tips Atop Every User’s News Feed | Network9ja Says:

    [...] wouldn’t have to rely on emailing users to get them to change their own passwords, which the Cloudmark blog showed doesn’t work so well since those messages often get ignored like [...]

  16. Facebook Asks Every User For Their Phone Number and Pins Security Link Atop Homepage To Prevent Disaster | SIMPLYGRAY Says:

    [...] it wouldn’t have to rely on emailing users to get them to change their own passwords, which the Cloudmark blog showed doesn’t work so well since those messages often get ignored like [...]

  17. Facebook Asks Every User For Their Phone Number and Pins Security Link Atop Homepage To Prevent Disaster | Network9ja Says:

    [...] wouldn’t have to rely on emailing users to get them to change their own passwords, which the Cloudmark blog showed doesn’t work so well since those messages often get ignored like [...]

  18. TechCrunch | Facebook Asks Every User For Their Phone Number And Pins Security…. « Techno Junk Food Says:

    [...] it wouldn’t have to rely on emailing users to get them to change their own passwords, which the Cloudmark blog showed doesn’t work so well since those messages often get ignored like [...]

  19. Facebook Asks Every User For A Verified Phone Number To Prevent Security Disaster | Network9ja Says:

    [...] wouldn’t have to rely on emailing users to get them to change their own passwords, which the Cloudmark blog showed doesn’t work so well since those messages often get ignored like [...]

  20. Facebook Asks Every User For Their Phone Number and Pins Security Link Atop Homepage To Prevent Disaster : hotNews Indian News | India Newspaper | India Latest News | News From India | India News Daily | Current India News Says:

    [...] it wouldn’t have to rely on emailing users to get them to change their own passwords, which the Cloudmark blog showed doesn’t work so well since those messages often get ignored like [...]

  21. Facebook Asks Every User For A Verified Phone Number To Prevent Security Disaster | Startup Help Says:

    [...] wouldn’t have to rely on emailing users to get them to change their own passwords, which the Cloudmark blog showed doesn’t work so well since those messages often get ignored like [...]

  22. Facebook Asks Every User For A Verified Phone Number To Prevent Security Disaster - The Review Blog Says:

    [...] wouldn’t have to rely on emailing users to get them to change their own passwords, which the Cloudmark blog showed doesn’t work so well since those messages often get ignored like [...]

  23. Facebook Asks Every User For Their Phone Number and Pins Security Link Atop Homepage To Prevent Disaster Technology-Stuff.com | Technology-Stuff.com Says:

    [...] wouldn’t have to rely on emailing users to get them to change their own passwords, which the Cloudmark blog showed doesn’t work so well since those messages often get ignored like [...]

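  24. Facebook asks all users to verify their mobile phone number to prevent a security disaster Says:

    [...] If Facebook is breached, or an individual has their account stolen, then with a verified phone number Facebook can wipe the victims’ passwords and send new passwords by SMS. In other words, it does not need to rely on emailing users to ask them to change their passwords. The Cloudmark blog points out that the latter method does not work well because it is often taken for spam and ignored. [...]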

  25. Facebook Asks Every User For Their Phone Number and Pins Security Link Atop Homepage To Prevent Disaster | Krantenkoppen Tech Says:

    [...] it wouldn’t have to rely on emailing users to get them to change their own passwords, which the Cloudmark blog showed doesn’t work so well since those messages often get ignored like [...]

  26. Facebook Asks Every User For A Verified Phone Number To Prevent Security Disaster : hotNews Indian News | India Newspaper | India Latest News | News From India | India News Daily | Current India News Says:

    [...] it wouldn’t have to rely on emailing users to get them to change their own passwords, which the Cloudmark blog showed doesn’t work so well since those messages often get ignored like [...]

  27. Bad Behavior And How it Threatens Internet Business Says:

    [...] When social media spams back. Last week when LinkedIn sent out notifications to members about a problem with compromised passwords, about four percent, or a quarter of a million, were discarded as spam. The problem isn’t the content of the e-mails themselves, but that LinkedIn sends far too much e-mail to its users, according to the author of this article.  Cloudmark [...]

  28. Bad Behavior And How it Threatens Internet Business | TopReviewsWeb.com Says:

    [...] When social media spams back. Last week when LinkedIn sent out notifications to members about a problem with compromised passwords, about four percent, or a quarter of a million, were discarded as spam. The problem isn’t the content of the e-mails themselves, but that LinkedIn sends far too much e-mail to its users, according to the author of this article.  Cloudmark [...]

  29. Bad Behavior And How it Threatens Internet Business | Convention Center Quindio Says:

    [...] When social media spams back. Last week when LinkedIn sent out notifications to members about a problem with compromised passwords, about four percent, or a quarter of a million, were discarded as spam. The problem isn’t the content of the e-mails themselves, but that LinkedIn sends far too much e-mail to its users, according to the author of this article.  Cloudmark [...]

  30. Facebook Asks Every User For A Verified Phone Number To Prevent Security Disaster | Says:

    [...] wouldn’t have to rely on emailing users to get them to change their own passwords, which the Cloudmark blog showed doesn’t work so well since those messages often get ignored like [...]

  31. http://blog.spamfighter.com/hacking-2/linkedin-hacked.html Says:

    Won’t help much if someone uninstalled the app due to security concerns. Good post though

  32. Facebook Wants Your Number « Vaneese Says:

    [...] it wouldn’t have to rely on emailing users to get them to change their own passwords, which the Cloudmark blog showed doesn’t work so well since those messages often get ignored like [...]

  33. Bad Behavior And How it Threatens Internet Business | Electronic Staff Says:

    [...] When amicable media spams back. Last week when LinkedIn sent out notifications to members about a problem with compromised passwords, about 4 percent, or a entertain of a million, were rejected as spam. The problem isn’t a calm of a e-mails themselves, though that LinkedIn sends distant too most e-mail to a users, according to a author of this article.  Cloudmark [...]

  34. Facebook asks every user for a phone number, | Site para Empresas – Blog about the Internet and Website Creation Says:

    [...] would not have to rely on emailing users to get them to change their own passwords, which the Cloudmark blog showed doesn’t work so well since those messages are generally ignored like [...]

  35. Facebook Wants Your Phone Number for Security Purposes | My Blog Says:

    [...] forked to a new Cloudmark blog post, that pronounced that amicable network emails mostly get ignored as spam by [...]

  36. Facebook Wants Your Phone Number for Security Purposes | cepot.info Says:

    [...] seeking users to change their possess passwords, according to TechCrunch.TechCrunch forked to a new Cloudmark blog post, that pronounced that amicable network emails mostly get ignored as spam by users.The Facebook [...]

  37. VIRTUAL SECURITY — All about the security of virtual environments » Facebook will make users provide their phone numbers Says:

    [...] By following the link to the “Security on Facebook” page, users learn how to create a strong unique password, recognize online fraud, and link their mobile number to the account, which will be needed to restore access to the page if it is hacked. In that case Facebook will immediately send an SMS with a new password to the specified number. Emails from the service suggesting that users change the password themselves are often perceived as spam and ignored by account owners, as noted in the Cloudmark blog. [...]

  38. Facebook login stolen? Network wants your mobile number for more security » t3n News Says:

    [...] necessarily be the case that the affected person opens the mail promptly; for another, according to Cloudmark such mails often get caught in spam filters. Disadvantages that an SMS to a user-confirmed [...]

  39. Virus.NL LinkedIn users consider warning spam Says:

    [...] have received spam, but are still stuck with a compromised LinkedIn password,” says Andrew [...]

  40. The inconvenience of cyber-security – Jacinta Tobin – The Kernel Says:

    [...] if they want to ensure they are not the next victim of a security breach or virus attack. Recently, LinkedIn became the next high-profile company in the spotlight for the wrong reasons, with 6.5 million [...]

  41. Facebook Asks Every User For Their Phone Number and Pins Security Link Atop Homepage To Prevent Disaster « DevelopersArena.com Says:

    [...] wouldn’t have to rely on emailing users to get them to change their own passwords, which the Cloudmark blog showed doesn’t work so well since those messages often get ignored like [...]

  42. Online Dating Industry News 6-15-12 » Sexy New Hampshire Singles Says:

    [...] In The Social Network That Cried “Wolf!”, Cloudmark reports on the percentage of email incorrectly marked as spam by users. I wrote them and asked if they could do the same type of post about the dating industry. [...]
