Image via CrunchBase
Twitter users aren't the only social networkers suffering the brunt of malicious cyber criminals today. LinkedIn members are reportedly being heavily targeted with fake connection requests that direct users to unwittingly download data-theft malware.
These fake LinkedIn requests accounted for as much as 24 percent of all spam sent within a 15-minute interval earlier today, according to Cisco. Clicking the link takes victims to a Web page that reads "PLEASE WAITING.... 4 SECONDS," then redirects them to Google.
During those four seconds, the victim's PC is infected with ZeuS, which embeds itself in the victim's Web browser and captures personal information, such as online banking credentials. Cisco advises that IT admins encourage individuals to delete such requests
This marks the second massive spam attack this month; the first was the "Here You Have" emails. More such attacks targeting organizations aimed at swiping personal information are expected, Cisco says.
Story of Dan Tynan of PC World: He saw several LinkedIn invites in my Gmail spam folder, and stupidly opened one of them inside Google Chrome. He even saw that the links inside the email were not to LinkedIn but to some oddly named third-party site. But curious about what would happen (and stupidly confident that my Kaspersky anti-malware software would protect me), He clicked it.His browser started to launch a new site, then quickly redirected to his home page.
Weird, he thought. He tried it again. Same thing happened. He figured that whatever site it was driving me toward had already been taken down by one of the anti-malware orgs like StopBadware.com, and thought nothing more about it.
A couple of hours later He logged into my banking site to check on my account. No big deal. Empty bank a/c!!!
Bottom line here: Don't do what he did. Delete any LinkedIn spam that looks even the slightest bit suspicious. Needless to say he won't be sleeping very well tonight. May you rest a bit easier.