[tbrownaw]

Why the holy flying fuck would anyone give someone they met on the Internet the ability to impersonate them? That's like online safety 101, right after not giving out your home address and vacation schedule.

Especially when that someone already has a bad reputation like linkedin has.

[MagicWishMonkey]

I had no idea that I granted them permission to send email through my account, I thought I had restricted them to the address book. I made a mistake.

[kazinator]

You don't think that giving an address book full of good addresses to known spammers is a bad idea?

Oh, it's okay as long as they send messages to those contacts using their identity, so it's not traced back to you ...

[jessaustin]

Just the address book would have been enough to allow most of the shenanigans described in this thread? Now LI know a bunch of other people that might recognize your name, and that's really all they need.

[MagicWishMonkey]

The part that really pissed me off was how they sent emails through my gmail account. They essentially hijacked my account to spam people.

[afandian]

I completely agree. It still happened to me. Like lots of other people here, I don't quite know how.

I sent a message to support saying "I never gave you permission to do this" and they took the time to reply and say "yes you did".

[basseq]

This is my problem with social-network-based SSO solutions. Why would I sign into your service with Twitter when you request the right to post on my behalf? (I've been burned by that. Never again.)