Am I at risk from LinkedIn invitations?

I've received 3 invites since 9/26. I always first check my email on my ISP before opening my email client. I did open them to see if they were really from my friends(didn't help) but didn't click any links. Actually one of them came in the name of one of my friends but he isn't even in my contacts since I got this PC over a year ago, the other 2 are.

So has my email been harvested or theirs or what?

I have Avast & MBAM Free versions.

Thank you,
grits

When they sign up for LinkedIn, they are encouraged to send a link to everyone in their contact list. If your e-mail address is still in their contact list, you get the spam. Just ignore/delete the invitations or join LinkedIn.

Thank you.

You are welcome.

I get these invites too. I just delete them.

Since my last post, I went hunting info & found several old articles (Sept.,Oct. 2010) about a trojan from clicking links in the invites. Coincidence in timing? I also found a more recent article, something about "LinkedIn denies harvesting". Am thinking that I best send a note to all my contacts 'cuz most of them aren't as cautious as we are, will have to see if I can re-find the recent article to send to them.
Thanks again.

Are you a member of LinkedIn?

Access to e-mail contacts is part of the sign-up process.
It is not really harvesting if they ask your permission.
People can opt-out.... but some of my contacts did not do so.

For what it is worth: I removed the e-mail address for the screenshot below. That made the Continue button inactive. I could not just type or paste the e-mail address back in. I had to go back and complete step 1 again before I could get past step 2 (without skipping step 2). I should have just edited out the e-mail address using Paint




@derekimo
Even though you asked your question of the OP, but I'll answer it too.
I'm not a member of LinkedIn.

@derekimo
Even though you asked your question of the OP, but I'll answer it too.
I'm not a member of LinkedIn.

I was just thinking that unless you are a member, you don't have to worry about sharing your contacts.

derekimo said:

@derekimo
Even though you asked your question of the OP, but I'll answer it too.
I'm not a member of LinkedIn.

I was just thinking that unless you are a member, you don't have to worry about sharing your contacts.

True - but that does not stop the incoming spam from LinkedIn because others signing up did not opt out of this "share" processes.

This LinkedIn spam has been mimicked by those spreading malware. Unfortunately, if the LinkedIn invite came from a Yahoo account, it might be that the e-mail account has been compromised on Yahoo's end. The owner/user of the Yahoo e-mail account may have a perfectly clean computer and might have changed their e-mail account password over and over - yet spam continues to be sent from their account. The spam remains in the Yahoo e-mail account's sent folder... so not a spoofed sender address.

A 2012 article that mentions Yahoo and LinkedIn breaches:
http://bits.blogs.nytimes.com/2012/0...ail-aol-users/
Yahoo's breach came via the ancient issue of SQL injection.

I realize the spam wont stop, I was mainly asking because of this comment.

grits said:

Am thinking that I best send a note to all my contacts 'cuz most of them aren't as cautious as we are