Emails That Appear to Come From Pinterest Actually Drop Blackhole Malware

pinterest, social networks, social media, malware, spam, hackersEverybody is copying Pinterest’s look — even hackers.

Security firm Trend Micro reports that hackers have turned to emails designed to look like they are from Pinterest to lure users into clicking the links that will install the Blackhole Exploit Kit on their machines.

Hackers disguise their emails with the logos of major social networks in order to make the email appear to come from a company with whom many users have accounts.

The emails Trend Micro researchers noticed in late June report that the user’s password has been changed and offer a link to the login information. Users are apt to suspect that their Pinterest account has been hacked and will thus click on the link that purports to lead to the site. That is when the hack actually occurs.

The link send the user through a series of website redirects. It eventually instals a Trojan horse which, in turn, overrides authorization procedures to install a bit of backdoor malware called Cridex.

The malware, designed for Windows machines, captures the user’s online banking information, which allows the hackers to steal the money held in those accounts.

Users can avoid the malware by not following links in similar emails, and, instead, only changing account information on the website to which it pertains. Users should also make sure that they are running the most up-to-date versions of Java, Adobe Acrobat, Adobe Reader and Flash.

Related Stories
Mediabistro Course

Email Marketing

Email MarketingStarting January 12, learn how to create campaigns that engage subscribers, increase awareness, and drive traffic and sales! In this course, you'll learn how to create effective email campaigns to meet your company's goals and objectives, develop copywriting and design techniques, create and manage distribution lists, and more! Register now!