March 11, 2014
Scammers and hackers are beginning to discover virtual pin-up board Pinterest as another great outlet to perpetrate their malicious schemes.
The Council of Better Business Bureaus is warning pinners of a new ruse making the rounds on the social network in which the scammer sends a user a supposed e-mail from Pinterest saying a friend has shared a pin with her. The e-mail and link, which appear to be legitimate, has fooled many users into clicking, the BBB said.
“The image is different from what your friend typically pins, but it looks real,” the BBB said in a press release.
“Common scam pins include celebrity and beauty photos, giveaway offers, before and after diet pics and even infographics. The images always have tantalizing captions that urge you to click. But when you click on the image, you aren’t taken to an article or the real business’s website. Instead, you find yourself at a site selling counterfeit products, featuring a bogus news story or promoting work from home opportunities, among others.”
Although this is the latest scam to make the rounds, there are many other ways scammers can access users’ Pinterest accounts, such as using security holes in third-party applications that connect to Pinterest or incorporating malicious code into the ‘Pin This’ buttons on other websites.
Pinterest users who receive a scam e-mail or spot a spammy pin are urged to immediately report it to Pinterest by clicking the flag icon at the bottom of the image.
Other security measures recommended by the BBB are:
- Password Security — Users should always reset their password if their account has been hacked or if they used a malicious app. Start by clicking the user name at the top of Pinterest, click Settings and then follow the prompts to create a new password. Passwords should be a mix of lower and upper case letter, numbers and symbols.
- Log out — Never stay logged into Pinterest when you aren’t using it.
- Log in carefully — Only log in on Pinterest.com or the official mobile app. Never log in via sites that use a domain name such as www.pinterest.something.com. These are not affiliated with Pinterest.
- Link With Care — Always be careful about linking social media accounts. If scammers gain access to a Pinterest account, they can easily share spam pins on the linked Twitter and Facebook feeds too.
- Think first — Before repinning, hover over the image to check if the destination link is consistent with the information on the pin. Scammers often swap the links in popular pins with links to websites containing malware.
Jennifer Cowan is the Managing Editor for SiteProNews.