Google+, in the past few weeks, rapidly reached the milestone of 20 million users, setting an impressive record for such a new product still in invite-only testing.
Like everything popular, it’s only a matter of time before someone or a group find a way to exploit it for their own benefit. This time, the target is Google+ and the means to do it is using fake invites.
Kaspersky Lab just reported that malicious e-mails are being sent that imitate a real Google plus invite, but with disastrous consequences. The e-mail is shown in a format similar to standard invite message, but with the link modified to redirect the user to a Brazilian trojan hosted on the Dropbox service.
How to avoid this? It would be a good idea to check if the e-mail really come from Google and check if the all the links within the e-mail are from google.com, before clicking them.
This is only one example of a fake invite circulating around the Internet right now, there could very well be other fake invites with a different format, so be careful.