SPOTAPOD: Chrome Extension Security Risk
#1. Installing just about any LinkedIn chrome extension
When they install, they can grab your LinkedIn cookie "li_at" from your browser and save it to their servers. Once they have that, they have unfettered access to your ENTIRE account. They can do anything because that cookie bypasses your login. They may send a refresh of your cookie on your next browser session as well to make sure the cookie is up to date.
#2. Link your account to a service company
Remember that cookie? If you are asked to link your account by a company like Taplio you are giving them your login which also gives them your magic LinkedIn cookie depicted in the video.
Even if you change your password, they can still access your account and do things on your behalf. Be careful and don't toss your cookies and lets put the HUMAN back into HUMANity.