Fake celeb LinkedIn profiles lead to malware

Beware links on the network purporting to offer nude shots of Knowles, Beckham, Ricci, Dunst, Hayek, and Hudson; they lead to malware, security researchers say.

Elinor Mills Former Staff Writer
Elinor Mills covers Internet security and privacy. She joined CNET News in 2005 after working as a foreign correspondent for Reuters in Portugal and writing for The Industry Standard, the IDG News Service and the Associated Press.
Elinor Mills
2 min read

A security researcher has discovered fake profiles for celebrities on LinkedIn that have links to malicious code, according to a blog posting on Trend Micro's site.

The celebrity profiles that are not to be trusted include ones created using the names: Beyonce Knowles, Victoria Beckham, Christina Ricci, Kirsten Dunst, Salma Hayek, and Kate Hudson. They were uncovered by Trend Micro Advanced Threats Researcher Ivan Macalintal.

In its blog posting late on Monday, Trend Micro said it was continuing its investigation. The links on the professional networking site attempt to lure viewers by purporting to be nude shots of the celebrities.

McAfee's Avert Labs Blog has more details and screenshots.

"So when an unsuspecting user gets tricked to follow the lure, he will end up on different malicious Web sites trying the classical social-engineering tricks of either the 'missing video codec' or of showing a fake AV scan and telling the user (that) his computer was infected with malware and offering a 'free' AV scanner software, which in fact is the real threat," the McAfee blog says.

Graham Cluley of Sophos also found many other fake celeb profiles and says that as recently as Thursday, the Troj/Decdec-A malicious JavaScript code was being found on them.

"It's a shame that LinkedIn (isn't) keeping a closer eye on obviously bogus profiles being created on (its) site," Cluley writes. "Undoubtedly, spammers, malware authors, and other cybercriminals may be abusing the system to link to their Web pages in the hope that it will generate a higher ranking in search engines like Google."

Representatives from LinkedIn did not immediately return a call seeking comment on Tuesday.

Fake Beyonce LinkedIn profile that contains links to malware. Trend Micro