Malware creeps into LinkedIn

By

A rash of fake profiles on business networking site LinkedIn could put users in danger of malware infection.

Malware creeps into LinkedIn
Researchers at McAfee said that several hundred phoney profile pages on the service are tempting users with the promise of nude photos of celebrities.

When the user clicks on one of the links, they are taken to an external site which attempts to launch an iFrame browser exploit and then redirects the user to other potentially harmful sites.

"When an unsuspecting user follows the lure, he will end up on different malicious web sites trying the classic social engineering tricks of the 'missing video codec' or a fake anti-virus scan telling the user his computer is infected with malware and offering 'free' scanning software, which in fact is the real threat," wrote McAfee researcher Micha Pekrul in a blog post.

"So beware when following links, even on trusted Web 2.0 platforms like LinkedIn."

LinkedIn is used almost exclusively by professionals to manage business contacts and keep in touch with former colleagues, and has largely been spared from the scam attempts that plague larger sites.

Like all social networking sites, however, researchers expect LinkedIn to become an increasingly popular way for cyber criminals to lure new victims over the coming year.

The high traffic rates on such sites, combined with the ability to upload and share content, make the services an ideal medium for phishing and malware distribution.

A textbook example surfaced earlier this week when Twitter was hit by two major attacks. A large phishing operation plagued many of the site's users, while several high profile celebrity accounts were hacked and defaced.
Got a news tip for our journalists? Share it with us anonymously here.
Copyright ©v3.co.uk
Tags:

Most Read Articles

CBA using facial recognition logins to verify disputed payments

CBA using facial recognition logins to verify disputed payments

Top US diplomat impersonated with AI by unknown actor

Top US diplomat impersonated with AI by unknown actor

UK police arrest four over cyberattacks on M&S, Co-op and Harrods

UK police arrest four over cyberattacks on M&S, Co-op and Harrods

Google Gemini for Workspace vulnerable to prompt injection attacks

Google Gemini for Workspace vulnerable to prompt injection attacks

Log In

  |  Forgot your password?