[aprssig] WARNING: Fake Linked-In Invites Being Sent Through APRSsig List

[Rick Green]

On Wed, 4 Jan 2012, Stephen H. Smith wrote:

> I just received a fake Linked-In "Invitation To Connect" that sends you to a 
> phony Linked-In login page; i.e. a classic phishing attempt.

   How do you distinguish this from a 'legitimate' Linkedin invitation? 
The links in the email begin with http://www.linkedin.com/, so they look 
like they'd take you to the actual linkedin site.  Phishing attacks in my 
experience list an actual website in the link's 'namme', but the value 
points somewhere else, usually a dotted-quad numeric IP address.

Not that I'm endorsing this in any way.  I consider it spam in any case. 
Linkedin, as well as every other 'social networking' site, are just fronts 
for industrial-scale spammers.  These invitations are usually the result 
of some clueless luser falling for the temptation of a button labelled 
'tell all your friends how wonderful <this network> is", and by clicking 
on it, they turn loose a data miner scriplet which harvests their entire 
addressbook, and turns it over to the spammers.

Please, folks, have some common sense and keep your addressbook to 
yourself.

-- 
Rick Green, N8BJX

"Those who would give up essential Liberty, to purchase a little
temporary Safety, deserve neither Liberty nor Safety."
                                   -Benjamin Franklin

"As for our common defense, we reject as false the choice between our
safety and our ideals."
                                -President Barack Obama 20 Jan 2009