"Pinterest Tool" scam aimed at stealing login credentials
Posted on 08.07.2013
Last week we warned about fake "Password changed" emails targeting users of the popular photo-sharing website, but there has been a general uptick in Pinterest-themed scams and malware distribution schemes lately.

This week Finnish security professional Janne Ahlberg described his encounter with a scam that tries to trick users into downloading a browser add-on that is purportedly needed to continue browsing Pinterest and to "enjoy more features".


This "Pinterest Tool" is promoted via diet posts / spam on the website, which redirect users to the typo-squatting pinteresf.org domain where add-ons for Chrome and Firefox are pushed onto users.

Unfortunately for the victims, the plug-in is malicious: it collects usernames and passwords from the websites they visited and sends them to a remote server controlled by the scammer.

"I'm certain there are other similar attack tools," says Ahlberg, and warns: "If you see similar kind of 'tool' offer, just close the browser window. Selecting 'no thanks' most likely leads to plug-in installation."

It's interesting to note that this is not the first time the "Pinterest Tool" has been offered to unsuspecting users. Almost exactly a year ago, IT pro Jason Hamilton detected and described an almost identical campaign.

At the time the scammer used a different redirection path, a different typo-squatting domain (pintrerets.com), a different wording of the pop-up message, and targeted only Firefox users (all others were redirected to the wanted recipe site).

"Grabbing the 2KB .xpi addon file from another browser and examining it as I learned with updating Firefox addons, I was able to see that the addon monitors when you load a page and inserts information into the header," he wrote at the time, adding that it would also build a random domain and run a function with botnet in the name, as well as pull more files from the domain from which the "tool" is served to the victims.

"With Pinterest's high click-through rate, it is likely to continue being a target in the future for delivering malware and misleading users," he stated, and it turns out he was right.

It's disheartening to see that these types of scams are still working and, unfortunately for all of us, will likely continue working in the foreseeable future.
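
Both typo-squatting domains named above sit within two edits of the real brand name, which is something a review of proxy or DNS logs can check for. The following is an added example, not code from the article or from the researchers it quotes; the distance threshold, the sample host list and the second-to-last-label shortcut are assumptions.

```python
# Added example: flag hostnames whose main label is a near-miss of a protected brand.
PROTECTED = {"pinterest"}   # brand label to protect (the site named in the article)
MAX_DISTANCE = 2            # assumed threshold; tune against your own traffic


def osa_distance(a: str, b: str) -> int:
    """Optimal string alignment distance: insert, delete, substitute,
    and swap of two adjacent characters each cost 1."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i] + [0] * len(b)
        for j, cb in enumerate(b, 1):
            cost = 0 if ca == cb else 1
            cur[j] = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost)
            # Adjacent transposition, e.g. "ts" typed for "st".
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                cur[j] = min(cur[j], prev2[j - 2] + 1)
        prev2, prev = prev, cur
    return prev[len(b)]


def brand_label(host: str) -> str:
    """Second-to-last DNS label. Simplification (assumption): ignores
    multi-part public suffixes such as co.uk."""
    labels = host.lower().rstrip(".").split(".")
    return labels[-2] if len(labels) >= 2 else labels[0]


def lookalike_of(host: str):
    """Return the protected brand this host imitates, or None."""
    label = brand_label(host)
    for brand in PROTECTED:
        if label != brand and osa_distance(label, brand) <= MAX_DISTANCE:
            return brand
    return None


# Constructed host list: the real site, the two domains from the article, one unrelated.
SAMPLE_HOSTS = ["www.pinterest.com", "pinteresf.org", "pintrerets.com", "example.org"]

if __name__ == "__main__":
    for host in SAMPLE_HOSTS:
        print(f"{host:20} -> {lookalike_of(host) or 'ok'}")
```

Plain Levenshtein distance would score pintrerets.com at 3, so counting adjacent swaps as a single edit is what keeps both campaigns under the same threshold.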








