Hackers targetting social networking services
Submitted by Irene Kraus on Thu, 09/30/2010 - 4:49pm
I know Marlin's been posting a number of articles on security issues, so here's one of my own. ZDNet in the UK recently published an article on a known spam/exploit attack directed at LinkedIn, a popular social networking service aimed at business users. In a nutshell, this attack sent out messages that looked like the normal 'connection' request sent out by LinkedIn. The link in the message, however, doesn't take you to the actual LinkedIn site but a look-alike that will attempt to install a Trojan on the machine.
According to that report, there is only one known person who is known to have fallen for this lure. My concern is that - taking into account how easily messages can be spoofed - such a thing can occur with darn near any kind of social networking service. Moral here is, I guess, to never follow links inside e-mail messages from such sites. Go to the actual known service site, login and check your messages there! Oie!
(1 vote)
