DPChallenge: A Digital Photography Contest You are not logged in. (log in or register
 

DPChallenge Forums >> General Discussion >> Warning: Don't click strange emails from LinkedIn
Pages:  
Showing posts 1 - 9 of 9, (reverse)
AuthorThread
 09/29/2010 08:54:21 AM · #1
Be careful, there's a very effective trojan on the loose.

You click a link in an email, it sends you to a spoof website where the trojan first determines which browser/os you're running before deciding which exploit to use to plant its code. You don't have to download anything, and apart from a 4 second delay while the browser redirects, you are totally unaware that you've been infected.

I've got about ten of these emails so far today, and they all look very convincing. Thankfully I haven't clicked the link.

Here's a news report: //www.pc1news.com/news/1571/fake-linkedin-messages-spreading-zeus-trojan.html

Here's the trojan described: //en.wikipedia.org/wiki/Zeus_%28trojan_horse%29
 09/29/2010 09:00:19 AM · #2
I've been getting some e-mails from several people lately with links. They come from people I know, but the subject lines are out of the ordinary of what I expect to get from these people, and the body is never anything other than a link. Sets off my B.S. detector right away, but some people may assume it's trustworthy, coming from someone they know. The tip-off is that it is not the kind of message you would normally get from these people. My sister in law is bringing me her laptop to run some malware removal on later today.
 09/29/2010 09:05:33 AM · #3
My brother was infected by one of these fake LinkedIn emails earlier. It surprised me, as he's a techie. He was running Opera browser on fully patched Win7. So even less common browsers running on the latest OS versions are susceptible.

He downloaded Microsoft Security Essentials which *appears* to have got rid of it.
 09/29/2010 09:09:55 AM · #4
Zeus is on the loose! LOL! Not that it's funny. I've seen a bunch of spoof links being posted on facebook recently. Someone posts something along the lines of "I got free such & such" with a link. Then later, that person will post to say they didn't post that. I wonder if this is also a variation?
 09/29/2010 09:15:05 AM · #5
The facebook 'like' scam is not as malicious - It uses a weakness in facebook to hide some javascript which means you don't have to actually click the 'like' button for it to register as a 'like' click - All you have to do is hover over the page.

Zeus is used to plant a trojan on your PC - This is then controlled by criminal gangs to steal your userids and passwords (for banking sites, paypal etc.) They can also use your PC to send out more trojan emails, which is how it spreads.

Someone running hidden code on your PC is a very bad thing - And the longer you're not aware of it, the more likely it is that they'll grab a password or two...

Fortunately the facebook 'like' trick doesn't fall into this category; all it does is spam your wall with 'likes' you don't like... :)
 09/29/2010 09:20:03 AM · #6
Thanks JH. I copied & pasted your warning to my FB page since I'm "friends" with a bunch of people who know nothing about computers.
 09/29/2010 09:24:09 AM · #7
Originally posted by JH:
The facebook 'like' scam is not as malicious - It uses a weakness in facebook to hide some javascript which means you don't have to actually click the 'like' button for it to register as a 'like' click - All you have to do is hover over the page.

Which is why I like to recommend installing a scriptblocking extension to your browser. It's a hassle to use it at first, but by only allowing the Javascript needed for a web site to work, a major point of entry for malware is blocked.
 09/29/2010 09:35:44 AM · #8
Thanks for that, yo_spiff - I'll give it a spin later.

Incidentally - I'm still receiving these fake LinkedIn emails at the rate of 1 every half hour - They're also by-passing my gmail spam filter and going straight to my inbox.

Looks like this one is spreading like wildfire.
 10/02/2010 08:02:23 AM · #9
The FBI have arrested 100 people in relation to the Zeus trojan: //www.bbc.co.uk/news/world-us-canada-11457611

Looks like they were on the way to stealing $220m from hacked bank accounts.
Pages:  
Current Server Time: 08/22/2025 06:27:06 PM

Please log in or register to post to the forums.


Home - Challenges - Community - League - Photos - Cameras - Lenses - Learn - Help - Terms of Use - Privacy - Top ^
DPChallenge, and website content and design, Copyright © 2001-2025 Challenging Technologies, LLC.
All digital photo copyrights belong to the photographers and may not be used without permission.
Current Server Time: 08/22/2025 06:27:06 PM EDT.