The Latest in IT Security

Malicious LinkedIn Campaign

03
Jun
2011

We are currently seeing a malicious spam campaign purporting to be a notification from LinkedIn. The messages look realistic, but the giveaway is the bogus link exposed when you hover over the confirm button.

The bogus link salesforceappi[dot]com leads off to a server hosting an exploit kit, which automatically attempts to load malware onto the victim’s computer by using one of a number of ‘canned’ exploits targeting known vulnerabilities.

The campaign is very similar to one we saw last September, also using LinkedIn and also leading to an Exploit Kit. Real notifications from these sorts of social networking sites are commonplace and the bad guys are preying on this. Remember, just because it looks legit, doesn’t mean it is.

Leave a reply


Categories

FRIDAY, JULY 23, 2021
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments