OCTOBER 2008

Bad Behavior

The business-oriented social networking site, LinkedIn, has had a recent bout with malware. While the threat on LinkedIn was quickly handled by the sites’ administrators, the bad online behavior seen on the site is an indicator of one type of scam that you need to be increasingly on the lookout for on any online networking sites.
 
Understanding the Threat
As most of you who use them know, social networking sites, while having many advantages to users, have long been targeted by socially engineered scams – meaning you need to take care when roaming around on these types of sites.

In terms of the bad behavior that cyber scammers acted out in mid January 2009 on LinkedIn – profiles on the site were created to act as a staging point for the distribution of 'FakeAlert' software. This malware serves typical scareware messages claiming that the user’s machine is infected and that he or she should install the rogue anti-malware application that the warning message is peddling. Despite recent attempts by law enforcement, such as the United States’ Federal Trade Commissions effort in tackling the scourge of rogue software, the fact that these applications continue to proliferate proves they still provide a significant return of investment for malware authors.

The Bad Behavior
The LinkedIn profiles themselves consisted of links that claimed to lead to pornographic images and video content of certain celebrity figures. Upon landing at these sites, victims were invited to install a codec to allow them to view the (non-existent) video; the file, however, was not a video codec, but malware.

“This method of attack continues to prove to be extremely effective,” says Lavasoft malware analyst and Research Team Leader, Andrew Browne.

“The social engineering technique being applied is, sociologically, extremely interesting; despite users’ increasing awareness of Internet safety (i.e. maintaining download discipline, avoiding untrustworthy sites, and generally being aware of the pitfalls when navigating the seedier side of the 'net), using a combination of celebrity and sex to entice continues to be effective,” Browne says.

Winning Strategies
LinkedIn.com worked very quickly to deal with this threat and to remove the malicious profiles from the site. Still, according to industry experts, the use of social engineering to proliferate scams on networking websites is likely to increase. Having updated security software on your PC is key to battling online scams, but there are additional steps you can take to navigate social networking sites safely.

1. Don’t be lured by the bait. Scammers try to lure you to open messages or click links by promising videos or information that they think will pique your interest. Be cautious about the profiles you visit, messages you answer, and links you click on social networking sites.
2. Guard your PII. Limit the personally identifiable information (PII) that you give out to others or post online.
3. Avoid installing unknown files. Scan programs and files that you download with updated security software.

Home

Buy Now Learn More Buy Now Buy Now Learn More Check the status of your PC’s drivers with the Free Scan. To upgrade your drivers, you will need to purchase the full product. Buy Now Learn More Buy Now Learn More Check the status of your PC’s drivers with the Free Scan. To upgrade your drivers, you will need to purchase the full product. Buy Now Learn More Check the status of your PC’s drivers with the Free Scan. To upgrade your drivers, you will need to purchase the full product. Learn More Buy Now Learn More Learn More Buy Now Buy Now Learn More Buy Now Buy Now Learn More Check the status of your PC’s drivers with the Free Scan. To upgrade your drivers, you will need to purchase the full product. Buy Now Learn More Buy Now Learn More Check the status of your PC’s drivers with the Free Scan. To upgrade your drivers, you will need to purchase the full product. Buy Now Learn More Check the status of your PC’s drivers with the Free Scan. To upgrade your drivers, you will need to purchase the full product. Learn More Buy Now Learn More Learn More Buy Now

Send US Your Stories
By The Numbers
Ad-Aware Anniversary Edition uses 74% less memory than Ad-Aware 2008. Read more performance stats now to see how the lighter, faster Ad-Aware stacks up against previous versions and competitor products.
Tips & Tactics
Are you the proud owner of a new PC? Find out the 5 steps you should be taking to keep your computer running efficiently, safely, and securely.
What People Are Saying
In a recent review, Neil Rubenking at PC Magazine gave Ad-Aware Anniversary Edition a perfect 10 out of 10 for blocking malware that tried to install. That’s a real honor in the field of strong competitors out there. Ad-Aware also scored better on blocking than every other product tested except for Norton – that’s better than Webroot, Spyware Doctor, Kaspersky, McAfee, and more!
Forward to a Friend
Pass on the news, tips and offers in this issue – e-mail Lavasoft News to a friend.

Lavasoft AB Odinsgatan 10, 411 03 Gothenburg, Sweden | www.lavasoft.com | editor@lavasoft.com