Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Pinterest Scams: Free Starbucks, Red Velvet Cake Photos, and More
1.
2. As Pinterest, the "virtual corkboard," picks up steam,
cyber attackers have begun tainting the site with
malicious ads.
The social networking site du jour lets you clip
pretty images from around the Interwebs and pin
them to your virtual corkboard, which you share
online. Another member looking at your Pinterest
board can click into your pinned images, and get
redirected to the original site. As with Facebook,
Google+, Twitter, and other sites targeted by cyber
attackers, Pinterest offers a false sense of
legitimacy: if a survey promising free Starbucks is
on your friend's board, surely it's safe, right?
3. The Pinterest scams draw your attention with freebie
offers or enticing photos. Clicking on them
automatically redirects you to a phishing site
where you enter personal details into legit-looking
surveys. Of course, you'll never receive the
promised goods, but the scammers will use your
personal details for more nefarious purposes.
Trend Micro blogged about the Starbucks and Coach
scams, whileSymantec found offers for red velvet
cake:
4.
5.
6.
7. How are these ads spreading? Pinterest users
themselves. The first step in all these scams, said
Ben Greenbaum, a senior principal software
engineer at Symantec, is that the victim has to pin
it onto their friends' corkboards. However as
Symantec noted in its blog post, the scammers
couldn't quite get the replicating code to work.
"This isn't a technologically sophisticated
hack, there's no vulnerability within Pinterest
making it work. Like every social engineering scam
it involves scammers taking advantage of people's
trust," said Greenbaum.
8. Complicating matters for you, dear Pinterest
member, is that advertising is allowed on the
site, although the company does not take
responsibility for malicious ones. So how can you
avoid this? Symantec offers two words of
advice. The first is a healthy dose of skepticism.
"If an ad asks you for personal identifying
information, it's probably not legitimate,"
Greenbaum said.
9. The second is to install a security suite with an
antiphishing component, so that if you accidentally
click on a phishing link you'll get a warning.
Symantec's own Norton Internet Security 2012 ($69.99
direct for three licenses, 4.5 stars) suite consistently
blocks phishing sites better than almost all the rest. Of
all current suites only Bitdefender Total Security
2012 ($79.95 direct for three licenses, 4 stars) has
beaten Norton.
For more on Pinterest, see our full review. If you're
already a member, be sure to follow PCMag’s Pinterest
boards.
For more from Sara, follow her on Twitter @sarapyin.