A major new malware spam campaign mimicking invites sent via business networking site LinkedIn.com leverages user trust and a kitchen sink of browser exploits in a bid to install the password-stealing ZeuS Trojan.
The spam campaign began Monday morning, according to security experts at networking giant Cisco Systems, and for a while the fake LinkedIn invitations accounted for as much as 24 percent of all spam. Recipients who click links in the message are taken to a Web page that reads, “Please Waiting, 4 seconds,” and then sent on to Google
Read his full article here
The safe work around?
When you receive the email, delete it. Go to your LinkedIn inbox and if there is one there, process it within LinkedIn
