Privacy and Security Issues on Pinterest

Pinterest is making headlines, thanks to its explosion in popularity (it reached 11.7 million unique users as of January 2012). Unfortunately, this quick growth has attracted a growing group of spammers and scammers eager to take advantage of gullible Pinterest users. In addition, some users have criticized the site for its ambiguous privacy policies, making users unsure of how—and if—they should be using the site. Consider the following issues if you’re a regular pinner.

Scammers on Pinterest

According to media website The Drum, Pinterest scammers are using attacks that they first developed to trick Twitter and Facebook users, but they’ve updated these attacks to take advantage of Pinterest’s visual nature and a loophole in the site’s platform.

Cybercriminals are now “poisoning” Pinterest by posting an enticing photo and caption that encourages the user to click to follow the link (the concept on which the site is based). However, the scammers then misdirect the links to fraudulent pages. For example, you might see a photo of a delicious cupcake accompanied by a “click for recipe” caption, or a Starbucks logo with a message that says “free gift cards to Pinterest users.” Users who click on these links can encounter the following:

  • The photo directs you to a malware-infected site that deploys viruses, spyware, or other malware to attack your computer and steal your personal info.
  • The site asks you to repin the images onto your Pinterest (to “win a prize” or “share with friends”). Once you do, your Pinterest followers are also tricked into clicking, thereby spreading the scam.
  • You are asked to complete a survey, provide username/password information, or download a form (which actually installs malware).

How to stay safe: First, make sure you have your security suite installed and updated. While browsing, remember that if an offer seems too good to be true, it probably is. Avoid clicking on links with blatant marketing language. If you do accidentally click on an image and realize you have been misdirected (keep an eye out for the aforementioned clues), immediately report the link to Pinterest by selecting the pin, then clicking the “Report Pin” button that pops up on the right-hand side of the image.

Protecting Your Privacy

As it grows, Pinterest has also come under fire for vague privacy policies, which required users to have legal rights to all content posted, prevented private boards, etc. But in March 2012, Pinterest updated its terms of service. In one of the biggest changes, Pinterest removed any wording giving it the right to sell user content, and says it will introduce private pinboards for those seeking to use the site as a personal scrapbook. Still, the social site remains a largely public forum for all its users to share content—and does not even require you to have an account to browse.

How to stay safe: Never share any personal information, such as finances, passwords, etc., and carefully consider whether the content you’re posting is appropriate and whether you’re comfortable sharing it publicly (as there are no private boards yet). Adjust your privacy settings regularly, particularly as new terms of service are released and/or the site is updated. At this time, you should adjust settings to prevent your pinboards from showing up in Google searches.

Pinterest is a powerful social media tool. But like all growing websites, it still faces serious security and privacy issues. Exercise caution at all times to make sure you have a pain-free pinning experience.

(Image source)

Privacy and Security Issues on PinterestZoneAlarm Blog

On May 23rd, 2012, posted in: Champion Security Blog by
Comments are closed.