Scammers Collect MySpace Passwords Via Phishing
There is a warning for MySpace users about a phishing scam and suggestion to check for active anti-phishing tools in their browsers.
In a statement in the Washington Post, Brian Krebs warned of a scam website that resembled the login page of MySpace and seemed to access usernames and passwords of about 60,000 users. The scam sends out junk e-mails to lure MySpace members.
Krebs explains the phishing site, which got prominence owing to the unsolicited e-mails it blasted, looks exactly like the original MySpace.com login page. The server of the scam website has a special text file that includes a host of usernames i.e., e-mail addresses and passwords. This proves how successful fraudsters are in phishing scams.
According to computer specialist Rob Bochan's views in news that News Channel 9 WSYR published sometime, phishing is essentially redirecting to a false destination, where the victim thinks he is going somewhere but actually lands up elsewhere. This is just what happened to those 60,000 visitors who thought they were on MySpace.com but were instead directed to a spoof site that was identical to MySpace.
Bochan added, the owner of the fake site stored the usernames and passwords of the original MySpace users to later misuse them. In reality when anything relating to social networking sites is posted on the Internet, it is more likely to get public because phishing sites grabbing that information are more frequent than one can think of. In a large social networking site like MySpace where numerous people interact with each other, a lot of things are said that the creator of the page hadn't.
The two popular browsers - Internet Explorer 7 of Microsoft and Firefox of Mozilla identified the phishing site. Netcraft's anti-phishing toolbar was another identifier. This particular phishing scam involves a password-stealing worm that was able to infect nearly 100,000 MySpace users in December last year.
In his concluding statement Krebs said probably most of the victims were either not using free anti-phishing tools or they fell for the scam before the tools had the opportunity to label the site malicious and blacklist it.
Related article: Scammers Exploit Tax System Resulting in ID Theft
» SPAMfighter News - 22-01-2007