[WARNING] Malicious Pinterest Plugin Steals Passwords

According to THN, an independent security professional has discovered a malicious Pinterest plugin.  This browser plugin posing as a Pinterest browser extension, is actually a browser Trojan that can steal passwords, as well as modify your Pinterest Pins to link to malware sites; further spreading the malicious plugin.

They’re even utilizing a bit of a ‘visual trick’ by redirecting to a domain named pinteresf [dot] com.  Notice the ‘f’ and ‘t’ look very similar at a quick glance?  This happened years ago with myspace @ ‘rnyspace [dot] com’.

Many consignment and resale store owners utilize Pinterest to post new inventory or fashion ideas.  Please be on the look-out and be sure to discuss this with any of your employees who work with your social networking accounts.

If you don’t already have the following in-place, here are some recommended tips to help secure your system:

• Utilize ESET Nod32 Antivirus
• Ensure the user you’re logged-in to Windows as is not an Administrator
• Utilize Firefox with the following plugins – NoScript, AdBlock Plus, and Public Fox.  Public Fox lets you password protect Firefox’s options, as well as blocks downloads and unwanted browser changes.
• Utilize a web filtering service, such as Microsoft’s built-in Parental Controls web filter.
• Discuss online safety with your employees.  No matter how much you secure a system, deception and trickery can undo all of it.

If you’re uncertain if your system is secured, be sure to have your system administrator/local tech verify with you, the various security measures implemented.