March 27, 2012 5 Comments-
“Watch Out for SPAM LinkedIn Emails”
We’ve said it again and again, but to emphasise the point: never click-through a link sent to you in an unsolicited email. Now it’s LinkedIn that the spammers have been impersonating, with an email that could lead you to a very nasty trojan infection.
The email uses one of the oldest techniques in the book to trick its victims: pretending to be an invitation from the service. In fact, it’s slightly more sophisticated than that: it pretends to be a summary of your invitations.
It also pretends you have unread messages at the service, encouraging you to click the link or risk missing out on some important job-related correspondence.
And rather cheekily, even the opt-out “Don’t want to here any more updates?” link points to the same malware-serving server. Personally, I find that very bad manners.
Every link in the email takes a user to a website hosting the BlackHole exploit, which will then try to install the well-known credential-stealing Cridex Trojan on your computer.
Realistically though, you probably, a) are too smart to click an unsolicited email link and b) have adequate virus protection to stop the Cridex Trojan from doing any damage.
The real worry is your friends and family. If they’re not aware of the scams – and don’t have decent virus scanning software – their computer could be a hotbed for viral activity.
And if you need to use their computer, you can be sure that your details will be collected alongside theirs.
So what do you think, are you going to pass on this information – or this article – to a friend? If so, here’s some quick tips to prevent exploitative emails:
1. Never log-in to a site that you’ve reached through an e-mail – it could be a sophisticated spoof.
2. Never download attachments from people you don’t know or aren’t expecting a message from.
3. Try to find out where a link is going before clicking it. Do this by hovering your mouse over it to see the destination. If it’s not where it seems (like the LinkedIn email), avoid it.
Made up of various contributors' opinions and insights - the power of the collective.
Norman Safeground Blogs Archive