Pinterest is the latest social networking craze and a favourite too of cyber criminals.
Miscreants have begun flocking to the fast-growing virtual pinboard, Symantec researchers said.
Instead of posting images that lead to legitimate websites, these scammers are pinning alluring bait, such as offers claiming to give away a free $100 gift card.
Trend Micro researchers, meanwhile, have spotted the trusted Starbucks name being used in the ruses.
"If an unsuspecting Pinterest user clicks on the link for one of the scam images, he or she is taken to an external website," Symantec researcher Nishant Doshi said.
"The website states that in order to take advantage of the offer, they must re-pin the offer onto their own Pinterest board. This helps propagate the scam, as it now gains further credibility by being posted by a trusted source. Some of the trusted source's followers subsequently fall for the same scam, then their followers as well, and so on."
Once the offer is re-pinned, users are then asked to click on a second link, which leads to an online survey that, if completed, makes money for the perpetrators
"Most scam pages ask the user to fill in surveys, sign up for subscription services, reveal personal information or even install unwanted executables," Doshi wrote.
While none of the ploys that Symantec witnessed appear to result in any malware being installed -- as has happened on other social networking sites like Facebook -- Doshi encouraged users of the barely one-year-old Pinterest, which earned 11.7 million unique visitors in January, to tread carefully.
"In light of these scams on popular social networking websites, we encourage users to avoid offers that appear too good to be true and not re-pin such content," she wrote. "We also encourage them to review their Pinterest boards and remove pins related to such scam surveys."
In addition, the site may be prone to vulnerabilities, according to a Feb. 29 Softpedia story, which chronicled a security researcher's discovery of a number at least two bugs that could lead to the takeover of users' accounts.
A Pinterest spokesperson could not be reached for comment.
.png&w=120&c=1&s=0)
EDUtech AU
.png&w=120&c=1&s=0)
Security Exhibition & Conference 2025
Integrate Expo 2025
Digital As Usual Cybersecurity Roadshow: Brisbane edition
iTnews Benchmark Security Awards 2025
.jpg&h=140&w=231&c=1&s=0)
.jpg&h=140&w=231&c=1&s=0)
