PhishSpace
MySpace target of hybrid phishing scheme:
No not that Phish (Phish broke up man?).MySpace is being used by phishers in order to steal your identity…
Users of the immensely popular MySpace.com social networking website are being targeted in a new “hybrid” phishing scheme aimed at stealing their identity, one security firm warned today.
Researchers at the Maitland, Fla.,-based Aluria Software said today that scammers are posting malicious links on MySpace, which is among the top five most visited websites, according to traffic-ranker Alexa.
“When you’re dealing with an entity that large, people with malicious intent come and try to exploit that technology,” said Hiep Dang, Aluria’s director of threat research and engineering. “It’s just like email.”
Users who double-click on the links � located on some of the profile pages of MySpace’s more than 50 million members � are sent to a bogus site that resembles the real thing, Dang said.
The MySpace member then is prompted to re-enter login account information, then captured by the attackers, Dang said. The hope is their MySpace username and password is the same information they use to access sites where online transactions are made.
The fraudsters combine some other malware, such as a trojan or keylogger, to determine where else on the internet the user might enlist that same login information, Dang said.
“They could potentially use it in their bank account,” he said.
A spokesperson from MySpace did not return telephone calls seeking comment.
One more reason to keep your personal information off of MySpace.
Tags: phishingRelated Stories
POSTED IN: Criminals
1 opinion for PhishSpace
jade
Mar 31, 2006 at 9:56 am
nah man, go back to sleep.
Have an opinion? Leave a comment: