New Hacking Technique Redirects MySpace Visitors to Phishing Site

As per security experts at Websense, a new phishing method has been found. Ali Mesdaq, Security Analyst, Websense, explained the method in his blog post and alleged that this recent method permits a cyber criminal to produce distorted anchor tags with design feature that covers almost all the clickable pages with any link the hacker desires, reported SCMAGAZINE on February 26, 2008.

As per the security analysts, the latest phishing method has already been spotted in MySpace Websites where the traffic gets diverted to an online adult dating site alongside various dubious actions. The distorted anchor tags appear to bypass MySpace's parsing that normally converts links to own redirect format off of their own domain msplinks.com.

Moreover, the security analysts said that this recent method assists phishers to redirect profile surfer to a remote site.

As per Mesdaq, an unwary consumer might attempt to open what usually is supposed to be a secure link hosted on MySpace like the "View My: Pics" link on all profiles. But due to the presence of the phishing link, visitors are forwarded to an outside Website.

Referring to the latest kind of hacking method, Websense declared that it has discovered a music profile with more than12 Million page views and more than 435K contacts utilizing a phished link to a Website that diverts visitors to a number of times till they at last reached a MySpace phishing Website.

Websense also said that it kept an eye on the corrupted client profile and observed that the link to the phishing site has been updated. According to the firm, it happened most probably because of shut down of the phishing site.

Mesdaq observed that the method also utilizes viral advertising methods to persuade consumers to copy and attach a piece of the domain address into their personal profiles. This should provide visitors' updates to the Website they're connected to, but actually, this piece of code is simply directing the link to MySpace's phishing Website.

Explaining the latest phishing method, Stephan Chenette, Security Labs Manager at Websense, stated that it appears to be a trend wherein consumers are trying to discover an alternate solution to prevent their links from being filtered through Web 2.0 sites, as reported by SCMAGAZINE on February 26, 2008.

Related article: New Zealand Releases Code To Reduce Spam

» SPAMfighter News - 3/3/2008