Share

Related Stories

  • Research shows Facebook now more popular than LinkedIn and Twitter
    The scale of social networking dominance of Facebook – with all the security implications that it poses businesses – is shown in the latest research from AVG, which claims to show that 34% of small and medium-sized businesses (SMBs) in the UK and US are using social networking in their business.
  • LinkedIn bows to pressure over “social ads” privacy concerns
    LinkedIn has responded to criticism of its "social ads" feature over its use of members' names and photos in advertisements on its website.
  • Sophos warns LinkedIn users to review their online data following privacy rule change
    Sophos has warned LinkedIn users of the need to be aware of a change to the business social networking site's privacy policy, apparently allowing the site to use member's names and photos in promotional advertisements. The change, says the IT security vendor, allows LinkedIn to use the information and pictures by default, meaning that users have to opt out of seeing their names and photos in the site's advertisements.
  • Trend Micro reports Facebook attack tapping LinkedIn
    A fraud analyst with Trend Micro is reporting that a Facebook attack currently in progress is leveraging the LinkedIn business social networking site and service.
  • New Zeus variant targeting LinkedIn members
    It looks as though members of the LinkedIn business social network are being targeted by a recoded version of Zeus. According to in-browser security specialist Trusteer, the new Zeus variant appears to be the brainchild of a group of Russian cybercriminals.

Top 5 Stories

News

Phony LinkedIn invitations lead to malware

20 April 2012

Scammers are sending out bogus invitations and message notifications to LinkedIn users that contain links to compromised websites, warned internet security firm Commtouch.

The invitations and message notification look legitimate, but if the recipient clicks on the link, he or she is directed to a “notification” page that runs scripts looking for software vulnerabilities in Adobe Reader and Acrobat, as well as Microsoft Windows Help and Support Center in Windows XP, Avi Turiel, director of product marketing at Commtouch, explained in a blog.

“Of course the malware is hugely problematic – but another issue emerges from all of these phony LinkedIn invitations – they cause malware-aware users to be suspicious about genuine invitations!”, wrote Turiel.

Earlier this year, GFI Labs uncovered a LinkedIn email phishing scam that led victims to websites offering fake prescription drugs and male enhancement products. Like the Commtouch discovery, the fake drug scam involved bogus invitation reminders.

“While like most phishing emails, hovering your cursor over the URL will reveal that the link is fake, there are still people who see the LinkedIn branding and click, thinking it’s legit. What’s more unbelievable is that some of those people will actually stay on the site and buy something. As long as these tactics work, spammers and phishers will keep using them”, wrote GFI researcher Sue Walsh.

This article is featured in:
Application Security  •  Internet and Network Security  •  Malware and Hardware Security

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×