0
As Pinterest, the "virtual corkboard," picks up steam, cyber attackers have begun tainting the site with malicious ads.The...
The Pinterest scams draw your attention with freebie  offers or enticing photos. Clicking on them  automatically redirects...
How are these ads spreading? Pinterest users  themselves. The first step in all these scams, said  Ben Greenbaum, a senior...
Complicating matters for you, dear Pinterest  member, is that advertising is allowed on the site,  although the company do...
The second is to install a security suite with an  antiphishing component, so that if you accidentally  click on a phishin...
Pinterest Scams: Free Starbucks, Red Velvet Cake Photos, and More
Pinterest Scams: Free Starbucks, Red Velvet Cake Photos, and More
Pinterest Scams: Free Starbucks, Red Velvet Cake Photos, and More
Pinterest Scams: Free Starbucks, Red Velvet Cake Photos, and More
Upcoming SlideShare
Loading in...5
×

Pinterest Scams: Free Starbucks, Red Velvet Cake Photos, and More

106

Published on

As Pinterest, the "virtual corkboard," picks up steam, cyber attackers have begun tainting the site with malicious ads.

The social networking site du jour lets you clip pretty images from around the Interwebs and pin them to your virtual corkboard, which you share online. Another member looking at your Pinterest board can click into your pinned images, and get redirected to the original site. As with Facebook, Google+, Twitter, and other sites targeted by cyber attackers, Pinterest offers a false sense of legitimacy: if a survey promising free Starbucks is on your friend's board, surely it's safe, right?

The Pinterest scams draw your attention with freebie offers or enticing photos. Clicking on them automatically redirects you to a phishing site where you enter personal details into legit-looking surveys. Of course, you'll never receive the promised goods, but the scammers will use your personal details for more nefarious purposes.

Trend Micro blogged about the Starbucks and Coach scams, while Symantec found offers for red velvet cake:

Free Starbucks giftcard? Not so fast:


"TOO GOOD OT BE TRUE!" screams an offer for free Coaches wallets and purses:


Mmm...red velvet cake (insert Homer Simpson moan here). I know which scam I'd fall for:


How are these ads spreading? Pinterest users themselves. The first step in all these scams, said Ben Greenbaum, a senior principal software engineer at Symantec, is that the victim has to pin it onto their friends' corkboards. However as Symantec noted in its blog post, the scammers couldn't quite get the replicating code to work.

"This isn't a technologically sophisticated hack, there's no vulnerability within Pinterest making it work. Like every social engineering scam it involves scammers taking advantage of people's trust," said Greenbaum.

Complicating matters for you, dear Pinterest member, is that advertising is allowed on the site, although the company does not take responsibility for malicious ones. So how can you avoid this? Symantec offers two words of advice. The first is a healthy dose of skepticism.

"If an ad asks you for personal identifying information, it's probably not legitimate," Greenbaum said.

The second is to install a security suite with an antiphishing component, so that if you accidentally click on a phishing link you'll get a warning. Symantec's own Norton Internet Security 2012 ($69.99 direct for three licenses, 4.5 stars) suite consistently blocks phishing sites better than almost all the rest. Of all current suites only Bitdefender Total Security 2012 ($79.95 direct for three licenses, 4 stars) has beaten Norton.

For more on Pinterest, see our full review. If you're already a member, be sure to follow PCMag’s Pinterest boards.

For more from Sara, follow her on Twitter @sarapyin.

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
106
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
0
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Transcript of "Pinterest Scams: Free Starbucks, Red Velvet Cake Photos, and More"

  1. 1. As Pinterest, the "virtual corkboard," picks up steam, cyber attackers have begun tainting the site with malicious ads.The social networking site du jour lets you clip pretty images from around the Interwebs and pin them to your virtual corkboard, which you share online. Another member looking at your Pinterest board can click into your pinned images, and get redirected to the original site. As with Facebook, Google+, Twitter, and other sites targeted by cyber attackers, Pinterest offers a false sense of legitimacy: if a survey promising free Starbucks is on your friends board, surely its safe, right?
  2. 2. The Pinterest scams draw your attention with freebie offers or enticing photos. Clicking on them automatically redirects you to a phishing site where you enter personal details into legit-looking surveys. Of course, youll never receive the promised goods, but the scammers will use your personal details for more nefarious purposes.Trend Micro blogged about the Starbucks and Coach scams, whileSymantec found offers for red velvet cake:
  3. 3. How are these ads spreading? Pinterest users themselves. The first step in all these scams, said Ben Greenbaum, a senior principal software engineer at Symantec, is that the victim has to pin it onto their friends corkboards. However as Symantec noted in its blog post, the scammers couldnt quite get the replicating code to work."This isnt a technologically sophisticated hack, theres no vulnerability within Pinterest making it work. Like every social engineering scam it involves scammers taking advantage of peoples trust," said Greenbaum.
  4. 4. Complicating matters for you, dear Pinterest member, is that advertising is allowed on the site, although the company does not take responsibility for malicious ones. So how can you avoid this? Symantec offers two words of advice. The first is a healthy dose of skepticism."If an ad asks you for personal identifying information, its probably not legitimate," Greenbaum said.
  5. 5. The second is to install a security suite with an antiphishing component, so that if you accidentally click on a phishing link youll get a warning. Symantecs own Norton Internet Security 2012 ($69.99 direct for three licenses, 4.5 stars) suite consistently blocks phishing sites better than almost all the rest. Of all current suites only Bitdefender Total Security 2012 ($79.95 direct for three licenses, 4 stars) has beaten Norton.For more on Pinterest, see our full review. If youre already a member, be sure to follow PCMag’s Pinterest boards.For more from Sara, follow her on Twitter @sarapyin.
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×