Fake email invitations from professional networking service LinkedIn and social media giant Facebook may lead to the dreaded Cridex malware. Cridex is a rather nasty piece of work that does everything from target banks in order to steal your banking information to stealing passwords from all your social networking accounts.
In reality, the links will send you directly to a site housing a blackhole exploit kit that will attempt to take advantage of any system vulnerabilities in order to infect your PC with malware. This sneaky form of attack, is also known as a drive by download. The download is especially dangerous due to the potential of the attack being executed without detection unless your PC and antivirus software is up-to-date.
The subject line of these fake emails ranges from confirm your email address to reset your password
It is pretty easy to spot the fake emails when you see them. How can you tell the real from the fake? That’s easy, below are examples of fake emails from LinkedIn and Facebook. Note that the from email address is not from LinkedIn or Facebook. If you hover over the links you will see they are not from facebook or LinkedIn.
A word of advice, never click on links that arrive in your email from Facebook, LinkedIn, the BBB, Shaw, Telus or your local bank, always go to the site in question and check if there is something important for you to do.