As we enter 2016 please remember to browse safely. Many users have a tendency to click on links without considering the risks of their actions. Please use caution before clicking on any links. Below is an example of a Linkedin account (kashif shahzad) commenting on a post that George “likes”. This is an example of how a trusted resource, Linkedin, can serve malicious content to us.

linkedin malware

If we investigate the domain we learn the domain age is less than 2 months old, registered on November 26th. This is a huge red flag!

Registration information:

linkedin hosting malicious links

Suricata and Emerging Threats flag this domain as “Likely Hostile” as it attempt to redirect to a .tk domain.

detecting malicious links

If you click on a malicious URL or believe you are a victim of Malware campaign, consider the following actions:

  • Don’t hesitate to contact your support immediately
  • Contact your financial institution immediately and close any accounts that may have been compromised. Watch for any explainable charges to your account.
  • Immediately change any passwords you might have revealed. If you used the same password for multiple resources, make sure to change it for each account, and do not use that password in the future.

Learn to hover over links and wait for the tool tip to decide whether or not you can click on something.  Better yet, play Click Click Phish and get yourself some phishing attack training.

 

Thomas

Thomas

Thomas Pore is the Director of IT and Field Engineering at Plixer. He developed and leads, the Malware Incident Response and Advanced NetFlow Training programs which are being offered in cities across the USA. He is also an adjunct professor at the local community college and teaches ethical hacking. Thomas travels the globe meeting with customers and trying improve the Scrutinizer network incident response system. He helps clients optimize threat detection strategies and aids in the configuration of custom incident response solutions. He has a Bachelor of Science in Computer Science from Dickinson College.

Related