We’ve known for a while that spam was jumping on the Pinterest train. Now, security software service McAfee is sending out an official warning to keep an eye out for fraudulent pins.
According to McAfee, hackers have created entire toolkits that make it fast and easy to deploy new spam campaigns on the social network. Pinterest displays “pins,” or images taken from around the Web, to a “board.” These images are outbound links to various websites, and are ripe for exploitation.
“These tools are so easy that many require only the attacker or scammer to change a couple of lines of code in the available kit,” said McAfee senior research engineer Hardik Shah in a blog post. “They can literally start a new Pinterest scam within minutes!”
The toolkits come with software that has the ability to “mass-like” pins, add an account creator, mass-follow people, automate fake commenting activity, and more. These toolkits have been behind much of the malware distribution in 2011. They allow hackers/scammers to automate the process of creating unwanted content (see: Internet-crap & spam), and then distribute it.
We found a scam on Pinterest in early March that showed a picture of a Cheesecake Factory coupon, promising free gift cards to all users. Scams are often touted as a “Pinterest special,” available only for users of this special, new social site. And because it is a special, new social site, people believe the fake offer. Many of these scams also ask a user to “re-pin” the image first (broadening the circle of lies), and will then prompt that user to take a survey. This kind of activity falls in line with phishing scams, as opposed to malware attacks.
News 1 year ago