Fake Pharma, Malware Target Pinterest

Pinterest is a really cool service where you can literally spend hours finding the most amazing ideas in a friendlier and more visual way than any other search engine.

The ‘virtual pin-board’ social site, has gained a lot of momentum and become one of the highest referral traffic sites for retailers.

As such, it is not a big surprise that it is a popular choice for scammers and malware authors.

Dubious online pharmaceutical companies use and abuse Pinterest to promote their ‘products’:


Whenever I see a bunch of followers or ‘Likes’ I always wonder who these people are. In many cases, they are simply fake accounts created for the sole purpose of spreading spam.

It’s always fun to check out the sites that sell these “Made in Canada” drugs. The one from the picture above is hosted in the Isle Of Man (U.K.), a strange place to be, don’t you think?

The bad guys are also going after Pinterest’s growing user base by sending spam emails claiming to be from Pinterest itself, asking for a password reset, as reported in early July by security firm Trend Micro.

Instead of a password reset, the victim is redirected to the infamous Blackhole Exploit Kit that delivers multiples exploits to infect the user’s computer.


Pinterest-themed URLs (screenshot courtesy of urlquery.net)

If you are a Pinterest user, please beware of the countless fraudulent products that are out there. While there are periodic sweeps for spam and fake profiles, there are scams running constantly.

As always, you should be careful about following external links when browsing the virtual boards as they can lead to malicious websites.

Finally, watch out for phishing emails that ask you to reset your password or the like. These emails are well crafted, and as a rule of thumb it is safer to avoid clicking links within emails. If you must change your password, you can simply type the website’s URL in your browser and then log into your account.


Jérôme Segura

Principal Threat Researcher