The LinkedIn social networking site is being used as the lure for a spam campaign targetting UK and US businesses with the data-stealing Zeus/Zbot Trojan, according to Cisco & TechWorld.
After appearing on 27 September, by 6am EST, a bogus LinkedIn reminder email accounted for up to a quarter of all spam detected by the company in a 15-minute period. Users are asked to review a contact request for a fictitious LinkedIn client by clicking on an embedded LinkedIn style link, taking the victim to a page that asks them to wait before sending them to Google. Most are unaware that anything has happened, but by this point, Zeus will have attempted to load on to the target PC.
There is plenty of evidence that Zeus variants can get past many anti-virus defences, and if successful, this variant monitors browser entries for online bank account credentials. The best defence against this attack would be anti-spam filters at gateway level of most businesses, fortified with antivirus, plus any other defences such as Trusteer’s Rapport browser plug-in which is offered to consumers for FREE by most Canadian banks.