By: Fahmida Y. Rashid
2010-09-27
Cisco Systems says spammers targeted LinkedIn members with fake connection requests that downloaded a worm known for stealing user bank account information.
Malicious cyber-criminals aren't just targeting Twitter users; LinkedIn members are in their crosshairs, as well.
LinkedIn members were reportedly deluged with spam e-mail messages masquerading as connection requests from the career-oriented social networking site Sept. 27.
Clicking on these requests sent users to a Website that displayed "PLEASE WAITING...4 SECONDS" before redirecting them to Google. During those 4 seconds, the Website downloaded Zeus data-theft malware onto their PCs, according to Cisco Systems.
Zeus, which embeds itself in the victim's Web browser and captures personal information such as online banking credentials, is widely used by criminals to pilfer from commercial bank accounts.
These messages accounted for as much as 24 percent of all spam sent within a 15-minute interval in the morning of Sept. 27, Cisco said. Cisco recommends that IT administrators warn users to delete connection requests, especially if they do not know the name of the contact.
Social networks are increasingly becoming a target for cyber-criminals. Twitter was hit over the weekend by a worm associated with a "WTF" tweet and a link, as well as the cross-scripting exploit that crippled Twitter.com the week of Sept. 20. Facebook users have not been immune, either.
Spam remains a popular form of attack, as with the "Here You Have" e-mail worm that wreaked havoc earlier in September. Cisco expects to see more spam messages containing malware sent to organizations to collect personal information.
LinkedIn has not yet publicly acknowledged the spam attack, nor warned users about the messages.
http://www.eweek.com/c/a/Security/Spammers-Target-LinkedIn-Members-with-Malware-869319/?kc=EWKNLEDP09292010D
Founded in 1991, Future Quest Technologies was created based on a fresh consumer need: on-site technology delivery. Future Quest Tech strove to be, and successfully became, a woman-owned trusted provider of Information Technology products, services and support. For 20+ yrs now, I've focused on financial crimes and digital investigations. My aim is to guide other FinCrime Investigators to be the best investigators they can be.
Subscribe to:
Post Comments (Atom)
-
Missing evidence is not the same as missed evidence or evidence that is lost. When I speak of missed evidence it relates to evidence that...
-
Romance and Pig Butchering Scams: History, Impact, and Prevention By Eina JL Schroeder, CAMS/CFCS Romance Scams Imagine your single, read...
-
It’s a little more complicated than just copying data By Barbara Krasnoff Sep 2, 2020, 4:35pm EDT Two-factor authentication (2FA) is ...
No comments:
Post a Comment