Friendster Password E-mails Surges the Fears of Website Hijacking
The appearance of the apprehensive e-mails to registered Friendster addresses, extremely reported by several Twitter users on June 02, 2010, has produced fears that Friendster database might have been compromised. A different theory is that an associate of the once popular social networking website might have disclosed the information, as reported by The Register on June 02, 2011.
The e-mails ids dispatched by scam artists, gives the impression as if they have come from Friendster, but as per the e-mail headers it certainly was not sent from the friendster servers.
They include the receiver's accurate Friendster e-mail id and password, and few users even reported getting the e-mail various times. It's not completely confirm who or why dispatched these e-mails and how they got people's Friendster plain text passwords.
There are several theories, which are being discussed. One is that the website's database was compromised and spam artists stole users' login details. It recommends that either Friendster compromised passwords in this way, which is an extremely unsafe practice, or that they utilized a weak hashing algorithm that was simply crackable.
Nonetheless, it's not confirmed what the actual objective of the e-mails is. They just say "Here is your account information for Friendster" and looks quite similar to the type of e-mails one receives after signing up.
In a previous blog report elucidating the apprehensive e-mails past net security vendor Sophos: it stated that though any individual report might be incidental, the combined weight of reports leaves Friendster with some explaining to do, as reported by The Register on June 02, 2011.
Meanwhile, users who got these apprehensive e-mails would be well suggested to modify their passwords, particularly if they made use of their Friendster password on other websites.
A user, who initially notified regarding this scam, stated that, the firm had been informed regarding the incident and it had initiated an inquiry for checking the matter. The firm said to the user that, they take reports like this one seriously and will conduct complete investigation on the matter. However, the firm stated that they are not aware of the complete time period to complete the investigation, as reported by Softpedia on June 02, 2011.
» SPAMfighter News - 13-06-2011