According to networking specialist Cisco, the fake LinkedIn requests accounted for as much as 24% of all spam sent within a 15-minute interval earlier today.
Users who clicked on the link were sent to a web page that reads "PLEASE WAITING.... 4 SECONDS," then redirects them to Google.
Those four seconds are when the user's machine is infected with ZeuS, Infosecurity understands and, judging from IT security forum postings, as well as Twitter messages, a sizable minority of LinkedIn users appear to have fallen for the scam email.
According to Cisco, the ZeuS data theft malware is effectively a drive-by download, since the malware embeds itself in the victim's web browser and captures personal information, such as online banking credentials on the fly.
Cisco is recommending that internet users should delete LinkedIn requests, especially if they do not know the name of the contact.
What makes the attack vector unique, says the networking company, is the combination of the extremely high volume of messages transmitted, the focus on business users, and the use of the ZeuS data-theft malware.
This strongly suggests, the firm notes, that the criminals behind this attack are most interested in employees with access to financial systems and online commercial bank accounts.