Be extra careful with opening emails from Linkedin and other popular online services! There are lots of scams floating around that try impersonate these websites. They might want to infect your PC or they might want to get your personal information or credit card details.
I have received an email from Linkedin today. It looked pretty much legitimate and first glance.
However, Not everything is THAT good. There are couple signs showing that the letter is not legitimate.
First, take a note to receiver address. The letter is not sent to me, but to several emails at once. This means same letter is sent to multiple addresses, which can not be true for personalized content : invitation requests and notifications about inbox messages.
Next tip is the URI in the links in the letter. All links are to single website : hxxp://xay10iob.info/ , which is not linkedin.
My suspicions were confirmed by visiting above mentioned link. After some redirections malware was stopped by my ESET Smart Security. After couple tries we noticed, that the first server redirects to multiple servers hosting various exploits. Some of them are cleaned already, but some are still active. The first link remains “clean” from malware, and initiates redirection only.
I recommend keeping your antivirus up to date and staying protected from similar threats. These exploits are not social network specific and you might get fake emails even if you are not registered in any of the networks.
0 Comments