These are the 3 most common subject lines that I have come across in these Spam Attacks.
- So now you’re on LinkedIn: What’s next?
- LinkedIn Alert
- LinkedIn new messages
There have been reports of an alert that contains a link with a fictitious social media contact request.
Why do they bother? Apparently it’s to spread the ZeuS malware that aims to capture your personal information and banking details.
According to a Cisco Security blog post, the spam attack started this Monday and ramped up quickly to account for over 25 percent of all spam intercepted by Cisco’s systems after only eight hours.
I first started receiving my “spam blast” on the 25.09.2010 and it went through to the 1.10.2010.
These messages accounted for as much as 24% of all spam sent within a 15-minute interval. Clicking the link takes victims to a web page that says, “PLEASE WAITING…. 4 SECONDS,” and redirects them to Google.
Here’s the trap!
During those four seconds, the victim’s PC is infected with the ZeuS data-theft malware via a drive-by download. ZeuS embeds itself in the victim’s web browser and captures personal information, such as online banking credentials, and is widely used by criminals to pilfer commercial bank accounts.”said the post.
One way you can check if it’s legitimately from LinkedIn is to hold your mouse over the link and check to see what URL shows. DO NOT click on the link.
Businesses are warned to avoid clicking links in LinkedIn email messages, instead it is good practice to visit the LinkedIn site directly by typing the URL in your web browser and logging in this way to check messages and contact requests rather than follow links in an email.
You’ll find the attack will slow until they think of a new scam.
Henry Stern, Senior Security Researcher with the IronPort Systems division of Cisco says the attack relies on exploiting out of date software on your PC. “Your PC will only be infected by this attack if you have out-of-date software installed on your PC, particularly Adobe’s Flash, Reader or Oracle’s Java that are behind on their security updates.” he said.