Risk Level: Very Low. Type: Trojan, Virus, Worm.

Risk Level: Very Low. Type: Trojan, Virus, Worm.

The continuing increase in visitors to the Pinterest site may be a primary cause why it’s becoming a hit for cybercriminals’ scams and schemes. In March, we spotted scammers using popular brands to lure users into “pinning” fake posts that led to surveys scams. This new wave of survey scams I found came from my search using “pinterest” as keyword.

Users who re-pin the posts from the sample above will most likely spread the post.

In addition, I also spotted posts using URL shorteners such as bit.ly and goo.gl. When clicked, the shortened URLs/the fake posts lead to any of the following URLs:

• http://pinterest.co{BLOCKED}t.info/?419
• http://pinterest.com-{BLOCKED}key.info/Thank-You/fb/
• http://pinterest.co{BLOCKED}s.info
• http://pinterest.{BLOCKED}one.info
• http://pinterestgift.{BLOCKED}hing.info
• http://pinterests.{BLOCKED}onus.info

Upon clicking the link, users are redirected to a Pinterest-like webpage offering prizes, vouchers, gift cards and others:

Made to resemble like a typical Pinterest webpage, the fake site features a search field, add+, an about. However, these are mere images and are not clickable. The clickable links are those that redirect to survey scams such as Body Age Quiz.

After a user fills out the fields required in the scam page, users are also required to enter their mobile numbers. Users who do provide their numbers will receive a code on their mobile phones and will continue to receive unwanted messages, charges and other scams via text message.

And Via Email, Too

Another thing I’ve noticed is that the fake site requires an email address:

Users entering their email addresses are brought to complete several steps to get the supposed offer. Users receive an email claiming to be from Pinterest. The email urges the user to click on the link found in the message body to confirm the subscription. Clicking on the link redirects the user to a Pinterest-like scam page. Again, all the clickable links lead to the same scam pages.

Upon closer investigation of these attacks, I noticed that before users are redirected to the fake Pinterest sites, the connection passes through ad-tracking sites. This way, the number of visitors are tracked, determining the supposed earnings of the scammers. Based on our data, the fake Pinterest URLs are being visited since May 2. Fake Pinterest posts hosting scams are likely to spread within Pinterest via users who re-pin the posts. The “offers” in these fake Pinterest posts look enticing after all. Plus, some users would want to ask the rest of the Pinterest community to verify such offers, like this user.

Pinterest has since removed some of the fake Pinterest posts. Trend Micro users are also protected from these scams by the web reputation technology in our Smart Protection Network™.

Post from: TrendLabs | Malware Blog - by Trend Micro

Bogus Pinterest Pins Lead to Survey Scams

Risk Level: Very Low. Type: Trojan.

Risk Level: Very Low. Type: Trojan.

Risk Level: Very Low. Type: Worm.

Risk Level: Very Low. Type: Trojan, Virus, Worm.

Risk Level: Very Low. Type: Worm.

Severity Rating: Critical
Revision Note: V1.1 (May 16, 2012): Added a link to Microsoft Knowledge Base Article 2681578 under Known Issues in the Executive Summary. Also added Microsoft .NET Framework 1.1 Service Pack 1 to the Non-Affected Software table and corrected the update replacement information for Microsoft Office. These were informational changes only. There were no changes to the security update files or detection logic.
Summary: This security update resolves three publicly disclosed vulnerabilities and seven privately reported vulnerabilities in Microsoft Office, Microsoft Windows, the Microsoft .NET Framework, and Microsoft Silverlight. The most severe of these vulnerabilities could allow remote code execution if a user opens a specially crafted document or visits a malicious webpage that embeds TrueType font files. An attacker would have no way to force users to visit a malicious website. Instead, an attacker would have to convince users to visit the website, typically by getting them to click a link in an email message or Instant Messenger message that takes them to the attacker's website.

Risk Level: Very Low.

Risk Level: Very Low. Type: Trojan.

Risk Level: Very Low. Type: Trojan.

Risk Level: Very Low. Type: Trojan.

Risk Level: Very Low. Type: Trojan, Virus, Worm.

Risk Level: Very Low. Type: Trojan.

Risk Level: Very Low. Type: Trojan.

Risk Level: Very Low. Type: Trojan.

Risk Level: Very Low. Type: Trojan.

Risk Level: Very Low. Type: Trojan.

Risk Level: Very Low. Type: Trojan, Virus, Worm.