Web Hosting Security

  Home arrow Web Hosting Security arrow Fraudulent LinkedIn Emails Used to Spr...
Web Hosting Articles  
Web Hosting FAQs  
Web Hosting How-Tos  
Web Hosting News  
Web Hosting Reviews  
Web Hosting Security  
Weekly Newsletter 
 
Developer Updates  
Free Website Content 
 RSS  Articles
 RSS  Forums
 RSS  All Feeds
Write For Us 
Contact Us 
Site Map 
Privacy Policy 
Support 
 USERNAME
 
 PASSWORD
 
 
  >>> SIGN UP!  
  Lost Password? 
WEB HOSTING SECURITY

Fraudulent LinkedIn Emails Used to Spread Zeus Trojan
By: wubayou
  • Search For More Articles!
  • Disclaimer
  • Author Terms
  • Rating: 5 stars5 stars5 stars5 stars5 stars / 1
    2010-10-07

    Table of Contents:

    Rate this Article: Poor Best 
      ADD THIS ARTICLE TO:
      Del.ici.ous Digg
      Blink Simpy
      Google Spurl
      Y! MyWeb Furl
    Email Me Similar Content When Posted
    Add Developer Shed Article Feed To Your Site
    Email Article To Friend
    Print Version Of Article
    PDF Version Of Article
     
     

    SEARCH WEB HOSTERS

    TOOLS YOU CAN USE

    advertisement
    At the beginning of last week, September 27, to be exact, Cisco Security detected spam email disguised as legitimate LinkedIn messages. Cisco claims that the attack is the largest of its kind to date. It is being used to transmit the data theft malware known as the Zeus Trojan virus.

    The email messages used in the attack looked like legitimate LinkedIn invitation reminders from a social media contact. Although the links appeared to be authentic, clicking on them actually drove users to a different web page. Once there, a message appeared that said “PLEASE WAITING....4 SECONDS.” That message eventually gave way to a redirect to Google. 

    While the redirect to Google may have made the unusual event look harmless, such could not be further from the truth. Within the four seconds prior to the Google redirect, a drive-by download occurs where the user's computer becomes infected with the Zeus Trojan. The infected computer can then be used by hackers to obtain sensitive information to access financial accounts, such as banking passwords.

    The LinkedIn spam attack is not the first of its kind, but it is the largest in terms of the volume of messages distributed. At its height, Cisco reported that the attack accounted for nearly one-fourth of all the spam messages sent within a 15-minute period. 

    Besides its massive volume, the LinkedIn attack is also unique in terms of the focused manner in which it took place. By sending emails concerning business contacts, it's likely that the hackers behind the messages wanted to lure in business associates that were using machines in which they accessed commercial bank and other financial accounts. If the victims used those machines after being infected with the Zeus Trojan, the hackers could conceivably gain access to the funds within such accounts.

    Other social networking sites besides LinkedIn have been used in the past as avenues to spread viruses as well. The Cutwail botnet is one such entity that has been behind such attacks, as it has sent spam messages in the past that impersonated social networking sites in an effort to bait unsuspecting users. To demonstrate how lucrative this practice is, the FBI reported that in 2009 more than $100 million was stolen from commercial bank accounts by hackers using similar procedures.

    To protect against the attacks, there are a few methods to follow. Antivirus and security software should be running in the most updated versions available. In addition, browser software, such as Flash, Java, and Adobe reader should be running with the latest security updates installed. Firefox users have the option of blocking JavaScript by installing the NoScript plug-in. In the case of the LinkedIn attack, one measure of protection would be to go to the LinkedIn site itself by typing its address into the browser and then logging into the account to see if there are any legitimate invitations. Even simpler, requests from contacts which are unknown can just be deleted.

    For more on this topic, visit http://news.cnet.com/8301-27080_3-20017971-245.html?tag=mncol;title


    DISCLAIMER: The content provided in this article is not warranted or guaranteed by Developer Shed, Inc. The content provided is intended for entertainment and/or educational purposes in order to introduce to the reader key ideas, concepts, and/or product reviews. As such it is incumbent upon the reader to employ real-world tactics for security and implementation of best practices. We are not liable for any negative consequences that may result from implementing any information covered in our articles or tutorials. If this is a hardware review, it is not recommended to open and/or modify your hardware.

    More Web Hosting Security Articles
    More By wubayou

    WEB HOSTING SECURITY ARTICLES

    - For Online Security, Invest in People
    - World`s Third-Largest Botnet Bites the Dust
    - Yahoo Security Breach Highlights Poor Practi...
    - How to Prevent Mobile Malware
    - FBI Issues Internet Security for Travelers a...
    - More of the Top Internet Scams
    - How to Stop Phishing Scams
    - Social Networking Safety Tips
    - How to Avoid Financial Fraud Online
    - Android`s Most Notorious Trojans and Viruses
    - GFI Report Details Top 10 Threat Detections ...
    - Sophos Releases Security Threat Report 2012
    - Facebook Safety Tips for 2012
    - Email Scam Hits Apple Users
    - Tips for Mobile Security

    Developer Shed Affiliates

     




    © 2003-2017 by Developer Shed. All rights reserved. DS Cluster - Follow our Sitemap