We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

Phishing scam aimed at MySpace.com

Attractive target for identity theft

A 'phishing' site that harvested the login and credentials of MySpace.com users was removed today from a California server, a security vendor has reported.

A phishing attack involves tricking users into visiting a lookalike web page that asks for personal information, which is then sent to a hacker.

The rich trove of personal information stored on MySpace user pages is making the social networking site an increasingly attractive target for identity theft, said Ross Paul, senior product manager at Websense, which makes security software.

The attack would not have been noticed by most users, Paul said. The attack starts when a user is sent a link via AOL's instant-messaging application or a similar program.

The link is from someone in the user's contact lists, asking them to click the link to MySpace to view photos, Paul said. The link leads to a fraudulent MySpace login page. Once the victim enters their information, they are then transparently logged into the real MySpace pages, Paul said.

But a hacker then has access to personal information stored by MySpace, such as someone's address and birthday, which could be used to open a bank account, Paul said.

A hacker can also tap other instant messaging contacts or email addresses to send out the link to the phishing site, which often is done using automated programs.

"The rising popularity of this kind of meeting place is obviously increasing the potential for financial gain," Paul said. "The more information you give MySpace, the more at risk you would be if someone managed to get hold of your login information."

MySpace, started in 2004 and bought by News Corporation last year, counts at least 73 million users and is growing. MySpace's 'viral' networking model allows friends of friends to connect easily, but sexual predators have also used its features to meet underage victims.

As a result, MySpace appointed a chief security officer in April and implemented careful page monitoring.


IDG UK Sites

Best Black Friday 2014 tech deals: Get bargains on smartphones, tablets, laptops and more

IDG UK Sites

What the Internet of Things will look like in 2015: homes will get smarter, people might get fitter

IDG UK Sites

Artist creates a geometric rave in a chapel for The House of St Barnabus

IDG UK Sites

Mac mini (Late 2014) 1.4 GHz review: Mac mini is sort of upgradable, but is it any good as it is?