Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


GFI Software Uncovers Phony LinkedIn E-mails

GFI Software the security research company recently alerted Web-surfers to fake e-mails posing as communications from LinkedIn the business networking website that while circulating online were presently targeting the site's members.

Using an attention-drawing caption "LinkedIn Reminder," the bogus electronic mails have their sender's address concealed, the security company points out.

Moreover, the text of the message seems to remind the recipient that he has one e-mail still unread following which an embedded web-link named "Visit your inbox now" is provided, GFI outlines.

Additionally, according to the e-mail, users who do not wish to get notices via e-mail may change their message settings accordingly. This as well is hyperlinked.

Amazingly, the bogus electronic mail even tries to sound lawful and genuine so it seemingly assures the recipient that LinkedIn is very concerned about his privacy; d therefore it has never provided anybody else on the website his e-mail id devoid of his consent, GFI's security researchers observe.

But, talking further about the attack, the laboratory at GFI stated that if anyone were to follow the e-mail's web-links he would be taken onto one BlackHole attack code, which would install a malicious program on his computer. Gmanetwork.com published this on March 7, 2012.

The malicious program, according to GFI Labs is the Cridex Trojan that harms in many ways ranging from stealing social networking and online banking credentials to cracking the Completely Automated Public Turing-test to tell Computers and Humans Apart (CAPTCHA) system.

The security company further stated that the Internet Protocol addresses, which associated with the LinkedIn e-mail scam, looked exactly like those associated with the earlier Intuit and Better Business Bureau e-mail scams of recent weeks.

It, however, advised that incase any LinkedIn member suspected a LinkedIn-originated e-mail as false then he must visit the website directly for confirming his invites on the site itself.

Eventually, in a likewise assault targeting LinkedIn, Trusteer another security company, during June 2011, discovered fake e-mails that feigned as being sent from LinkedIn. For, if recipients followed those messages' web-link, expecting to get connected with somebody, they actually got diverted onto a malware-delivering server that was based in Russia.

Related article: GPU Processes Fast to Crack Passwords

» SPAMfighter News - 3/24/2012

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page