Social Networking Spam
Since we are discussing spam this may be a good thing to know.
Below is an article from "Eastman Online Genealogy Newsletter".
Hope nobody has encountered this problem.
Fake LinkedIn Spam Can Steal Your Bank Passwords
This article was originally published online on Tuesday, September 28th, 2010
Beware of requests claiming to be from social networking sites!
According to Cisco Security:
Starting this morning, Monday 9/27, at 10am GMT, cyber criminals sent
spam email messages targeting the LinkedIn social media community.
Victims are emailed an alert link with a fictitious social media contact
request. These messages accounted for as much as 24% of all spam sent within a 15-minute interval. Clicking the link, victims are taken to a
web page that says “PLEASE WAITING…. 4 SECONDS” and redirects them to Google. During those four seconds, the victim’s PC is infected with the ZeuS data theft malware by a drive-by download. ZeuS embeds itself in the victim’s web browser and captures personal information, such as online banking credentials, and is widely used by criminals to pilfer commercial bank accounts.
Organizations should encourage individuals to delete such requests,
especially if they do not know the name of the contact. This is the
second spam attack this month, preceded by the “Here You Have” email worm a few weeks ago. Cisco expects to see more spam messages containing malware sent to organizations to collect personal information.
Numerous reports claim that banking passwords have been stolen and used.
Anyone using the Windows operating system is vulnerable. Most of the
anti-virus products do not yet detect this latest scam when the email
message is received, although most of the producers of those programs
will be updating their virus definitions within the next few days to add
detection. Most of today’s anti-virus programs DO detect the ZeuS data
theft malware after the PC has been infected, if the virus definitions
are up to date.
Anyone using Linux, Macintosh, or any of the handheld computer operating systems will not be infected.
If you do get caught by the LinkedIn spam and experience the four-second delay, followed by a redirect to Google’s home page, turn off your computer and IMMEDIATELY use a second computer, such as a laptop system or a friend’s system, to log onto all your online accounts and change your passwords. Then disconnect the first system from its Internet connection, boot up, and run a virus scan. You do have the latest virus program updates installed, don’t you?
You can read more in an article by Henry Stern on Cisco’s security web site at: