Following the theft of millions of passwords, users of the social-networking site are now being asked to 'confirm' their emails then taken to a site selling counterfeit drugs.
Cyber criminals are taking advantage of the fears Linked In users have that their passwords were stolen with a spam campaign, according to security company ESET.
The emails purporting to come from the social-networking site are asking users to ‘confirm' their email address by clicking on a link. If they do they are taken to a website selling counterfeit drugs.
Cameron Camp, ESET security adviser, said in a blog: "Several people have notified us that they received emails today asking them to confirm their Linked In email addresses and we have determined that these are a scam."
On Wednesday nearly seven million Linked In user passwords were stolen and many of these have been cracked and posted online. Cameron said it was not known if the current spam campaign is a co-ordinated attack or just cyber criminals taking advantage of the situation.
"Because similar emails have been circulating for some time, it is hard to say if this is an example of a co-ordinated scam designed to leverage the security breach made public [Wednesday], or simply a coincidence (like getting a phishing email asking you to reset your Bank of America online banking password two days after you opened an account there).
"We are investigating the exact details but in the meantime please DO NOT CLICK on links in email to change or verify account information, at Linkedin.com or on any other membership site. Instead, navigate to the site directly by typing in the address bar in your browser," he warned.
Read more: http://www.computeractive.co.uk/ca/news/2183047/linkedin-users-targets-spam-campaign-following-password-theft#ixzz1xDxuOqs8
No comments:
Post a Comment