An email attack targeting users of the LinkedIn social networking service this week was so active that it accounted for nearly one-quarter of all spam email sent at one point, a malware expert says.
Disguised as an invitation from someone to connect with him or her on LinkedIn, the spam is actually a phishing, or identity theft attack, “widely used by criminals to pilfer commercial bank accounts,” said Henry Stern, a senior security researcher with Cisco Systems, in a blog posting.
“This is the largest such attack known to date,” he noted.
Clicking a link in the email takes the victim to a web page that says “Please waiting … 4 seconds” during which time Zeus, a malevolent Trojan horse software program, downloads and embeds itself in the victim’s web browser.
Once embedded, it logs a victim’s keystrokes and “captures personal information, such as online banking credentials,” Stern said.
The spam attack has “slowed down a little bit … but it’s been on and off; it hasn’t stopped,” Cisco spokesman David Oro said Friday night.
Zeus has been around since 2007 and has previously attacked users of Facebook and other social networks. It is insidious because it can also steal personal information by capturing screenshots during mouse clicks and by adding fake fields on legitimate banking forms visited by infected web browsers, according to McAfee, a web security company that produces anti-virus software.
To avoid infection, the Better Business Bureau recommends keeping your anti-virus software current and deleting suspicious emails without clicking on links contained in them, checking messages directly on your LinkedIn profile page instead.
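The lure described above, a fake LinkedIn invitation whose links lead somewhere other than LinkedIn, can be checked mechanically before anyone clicks. The following is an added example, not code from the article or from Cisco, McAfee or LinkedIn: it extracts the anchors from an HTML email body and flags any whose real host is not the claimed brand, or whose visible text shows a URL on a different host than the link actually points to. The sample message, the `LEGIT_DOMAINS` set and the crude domain-shortening helper are assumptions made for the example.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample body styled like a LinkedIn invitation (example data,
# not a message from the campaign described in the article). The first link
# displays a linkedin.com URL but points at an unrelated IP address.
SAMPLE_HTML = """
<p>Jane Doe has indicated you are a friend.</p>
<p><a href="http://198.51.100.23/confirm?id=1">http://www.linkedin.com/e/confirm</a></p>
<p><a href="https://www.linkedin.com/help">Learn why we included this</a></p>
"""

# Assumption: the brand the email claims to come from.
LEGIT_DOMAINS = {"linkedin.com"}


class LinkExtractor(HTMLParser):
    """Collect (href, visible text) pairs for every <a> tag in the body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def registrable(host):
    """Crude 'last two labels' domain; a real filter would use a public-suffix list."""
    return ".".join(host.lower().split(".")[-2:]) if host else ""


def suspicious_links(html, legit=LEGIT_DOMAINS):
    """Return links whose real host is off-brand or differs from the host shown in the text."""
    parser = LinkExtractor()
    parser.feed(html)
    flagged = []
    for href, text in parser.links:
        host = registrable(urlparse(href).hostname or "")
        shown = registrable(urlparse(text).hostname or "") if text.startswith("http") else ""
        if host not in legit or (shown and shown != host):
            flagged.append({"href": href, "text": text, "host": host, "shown": shown})
    return flagged
```

Run against the sample body, only the first link is flagged: its displayed host is linkedin.com while the href resolves to an IP address.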