[aprssig] WARNING: Fake Linked-In Invites Being Sent Through APRSsig List
Rick Green
rtg at aapsc.com
Wed Jan 4 18:14:19 EST 2012
On Wed, 4 Jan 2012, Stephen H. Smith wrote:
> I just received a fake Linked-In "Invitation To Connect" that sends you to a
> phony Linked-In login page; i.e. a classic phishing attempt.
How do you distinguish this from a 'legitimate' Linkedin invitation?
The links in the email begin with http://www.linkedin.com/, so they look
like they'd take you to the actual linkedin site. Phishing attacks in my
experience list an actual website in the link's 'namme', but the value
points somewhere else, usually a dotted-quad numeric IP address.
Not that I'm endorsing this in any way. I consider it spam in any case.
Linkedin, as well as every other 'social networking' site, are just fronts
for industrial-scale spammers. These invitations are usually the result
of some clueless luser falling for the temptation of a button labelled
'tell all your friends how wonderful <this network> is", and by clicking
on it, they turn loose a data miner scriplet which harvests their entire
addressbook, and turns it over to the spammers.
Please, folks, have some common sense and keep your addressbook to
yourself.
--
Rick Green, N8BJX
"Those who would give up essential Liberty, to purchase a little
temporary Safety, deserve neither Liberty nor Safety."
-Benjamin Franklin
"As for our common defense, we reject as false the choice between our
safety and our ideals."
-President Barack Obama 20 Jan 2009
More information about the aprssig
mailing list