According to a Cisco Security blog post, the spam attack started this Monday and ramped up quickly to account for over 25 percent of all spam intercepted by Cisco’s systems after only eight hours.
“In the attack, victims are emailed an alert that contains a link with a fictitious social media contact request. This morning, these messages accounted for as much as 24% of all spam sent within a 15-minute interval. Clicking the link takes victims to a web page that says, ‘PLEASE WAITING…. 4 SECONDS,’ and redirects them to Google. During those four seconds, the victim’s PC is infected with the ZeuS data-theft malware via a drive-by download. ZeuS embeds itself in the victim’s web browser and captures personal information, such as online banking credentials, and is widely used by criminals to pilfer commercial bank accounts,” said the post.
Businesses are warned to avoid clicking links in LinkedIn email messages. Instead, it is good practice to visit the LinkedIn site directly by typing the URL into your web browser and logging in to check messages and contact requests, rather than following links in an email.
Henry Stern, Senior Security Researcher with the IronPort Systems division of Cisco, says the attack relies on exploiting out-of-date software on your PC.
“Your PC will only be infected by this attack if you have out-of-date software installed on your PC, particularly Adobe’s Flash, Reader or Oracle’s Java that are behind on their security updates,” he said.