Pinterest's popularity attracts cyber scammers

Share this article:

And so it begins. The all-the-rage virtual pinboard Pinterest is the latest social networking darling to draw the fancy of cyber swindlers.

Pinterest is the latest social networking craze -- and that means cyber criminals aren't going to let you share images of your favorite summer sandals, button bracelets and vegan cupcakes in peace.

According to Symantec researchers, miscreants have begun flocking to the fast-growing virtual pinboard. Instead of posting images that lead to legitimate websites, these scammers are pinning alluring bait, such as offers claiming to give away a free $100 gift card.

Trend Micro researchers, meanwhile, have spotted the trusted Starbucks and Coach names being used in the ruses.

"If an unsuspecting Pinterest user clicks on the link for one of the scam images, he or she is taken to an external website," Symantec researcher Nishant Doshi explained in a blog post this week. "The website states that in order to take advantage of the offer, they must re-pin the offer onto their own Pinterest board. This helps propagate the scam, as it now gains further credibility by being posted by a trusted source. Some of the trusted source's followers subsequently fall for the same scam, then their followers as well, and so on."

Once the offer is re-pinned, users are then asked to click on a second link, which leads to an online survey that, if completed, makes money for the perpetrators

"Most scam pages ask the user to fill in surveys, sign up for subscription services, reveal personal information or even install unwanted executables," Doshi wrote.

While none of the ploys that Symantec witnessed appear to result in any malware being installed -- as has happened on other social networking sites like Facebook -- Doshi encouraged users of the barely one-year-old Pinterest, which earned 11.7 million unique visitors in January, to tread carefully.

"In light of these scams on popular social networking websites, we encourage users to avoid offers that appear too good to be true and not re-pin such content," she wrote. "We also encourage them to review their Pinterest boards and remove pins related to such scam surveys."

In addition, the site may be prone to vulnerabilities, according to a Feb. 29 Softpedia story, which chronicled a security researcher's discovery of at least two bugs that could lead to the takeover of users' accounts.

UPDATE: A statement from Pinterest said the company's engineers are working hard to fix security issues on the site and are finding ways to ensure that "fake or harmful content" doesn't make it on to public feeds.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

Kevin Mitnick to sell zero-day exploits

Kevin Mitnick's new venture will develop and procure zero-day exploits, then sell them for $100,000 or more.

FBI warns of potential cyber attacks launched by ISIS hacktivists

Following U.S. military airstrikes in the Middle East, the FBI has issued a warning regarding possible cyber threats aimed at U.S. networks and critical infrastructure by hacktivists in support of ISIS.

Report: 75 million records compromised so far in 2014

Report: 75 million records compromised so far in ...

An updated report indicates that since this time last year, breaches have increased by 29.4 percent, with 568 breaches occurring this year.