Hackers targeting social networking services

IKraus's picture

I know Marlin's been posting a number of articles on security issues, so here's one of my own. ZDNet in the UK recently published an article on a known spam/exploit attack directed at LinkedIn, a popular social networking service aimed at business users. In a nutshell, this attack sent out messages that looked like the normal 'connection' request sent out by LinkedIn. The link in the message, however, doesn't take you to the actual LinkedIn site but a look-alike that will attempt to install a Trojan on the machine.

According to that report, there is only one known person who is known to have fallen for this lure. My concern is that - taking into account how easily messages can be spoofed - such a thing can occur with darn near any kind of social networking service. Moral here is, I guess, to never follow links inside e-mail messages from such sites. Go to the actual known service site, login and check your messages there! Oie!

Mailbag Summary

The Mailbag section contains copies of received messages from sponsors and affiliates. These can be: special offers, newsletters, web seminar notices, or any combination of the above. Please check out the Sponsorship Overview for details on how to become a sponsor if interested!

Subscribe to Mailbag Summary