Fake celeb LinkedIn profiles lead to malware
Beware links on the network purporting to offer nude shots of Knowles, Beckham, Ricci, Dunst, Hayek, and Hudson; they lead to malware, security researchers say.
A security researcher has discovered fake profiles for celebrities on LinkedIn that have links to malicious code, according to a blog posting on Trend Micro's site.
The celebrity profiles that are not to be trusted include ones created using the names: Beyonce Knowles, Victoria Beckham, Christina Ricci, Kirsten Dunst, Salma Hayek, and Kate Hudson. They were uncovered by Trend Micro Advanced Threats Researcher Ivan Macalintal.
In its blog posting late on Monday, Trend Micro said it was continuing its investigation. The links on the professional networking site attempt to lure viewers by purporting to be nude shots of the celebrities.
McAfee's Avert Labs Blog has more details and screenshots.
"So when an unsuspecting user gets tricked to follow the lure, he will end up on different malicious Web sites trying the classical social-engineering tricks of either the 'missing video codec' or of showing a fake AV scan and telling the user (that) his computer was infected with malware and offering a 'free' AV scanner software, which in fact is the real threat," the McAfee blog says.
Graham Cluley of Sophos also found many other fake celeb profiles and says that as recently as Thursday, the Troj/Decdec-A malicious JavaScript code was being found on them.
"It's a shame that LinkedIn (isn't) keeping a closer eye on obviously bogus profiles being created on (its) site," Cluley writes. "Undoubtedly, spammers, malware authors, and other cybercriminals may be abusing the system to link to their Web pages in the hope that it will generate a higher ranking in search engines like Google."
Representatives from LinkedIn did not immediately return a call seeking comment on Tuesday.