Monday, August 20, 2007

MySpace Has Another Serious Security Problem

A while ago I posted about the huge MySpace AIM virus because it posed a serious threat to a lot of people. Well, now there is another one. This one is a phishing attempt that has to do with MSPlinks URLs rather than a virus. For those who don't know, a phishing attempt is when someone tries to deceive you into entering your information so they can steal it and do what they want with it, which in this case is to spam other users.

This MSPlink phishing attempt appeared as a comment on my profile page and because I know the user who posted it, I knew something was fishy. She's a nice girl and wouldn't post anything like this willingly so something had to be wrong with it.

It starts out with a comment posted to your profile that says "can't believe she put pics like that on her myspace.. talk about slut.." along with a link to something like http://www.msplinks.fuseaction.MDFodH... When you copy and paste the URL into your browser, it brings you to a page that looks just like MySpace (see image) asking you to log in. Thankfully, Firefox (I haven't tested in IE7) recognizes this page as a phishing attempt and prompts you with a warning that this site is fake, but unsuspecting people will undoubtedly enter their information.

After you enter your information, friends on your profile are spammed with the same sort of comment and URL, and that's how it grows virally. This one is trickier than a simply deceptive URL because MySpace actually uses MSPlinks in their URLs to help deter other phishing and spam attacks. So if you go to a profile and enter a comment with HTML, it will redirect through the MySpace-owned URL "" as you can see on just about any MySpace profile.
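A defender-side check for the trick described above, as an added example that is not part of the original post: it decodes a redirector link to reveal the real destination and flags hosts that merely contain the brand name. The domains `myspace.com` and `msplinks.com`, the token format (Base64 of a two-character prefix plus the destination, consistent with the `MDFodH` fragment above, which is Base64 for text starting `01ht`), and all sample links are assumptions or constructed.

```python
import base64
from urllib.parse import urlsplit

# Assumptions for this illustration (the post does not spell these out):
SITE = "myspace.com"          # the genuine site
REDIRECTOR = "msplinks.com"   # the site's link redirector

# Constructed sample: a redirector link whose token hides a look-alike host.
SAMPLE = "http://www.msplinks.com/" + base64.b64encode(
    b"01http://myspace-login.example/").decode()

def host_of(url):
    """Host the browser would actually contact (lower case), or ''."""
    try:
        return (urlsplit(url.strip()).hostname or "").rstrip(".")
    except ValueError:
        return ""

def under(host, domain):
    return host == domain or host.endswith("." + domain)

def redirect_target(url):
    """Destination encoded in a redirector link, or None if it does not decode."""
    token = urlsplit(url).path.lstrip("/")
    try:
        raw = base64.b64decode(token + "=" * (-len(token) % 4), validate=True)
        text = raw.decode("ascii")[2:]      # drop the two-character prefix
    except ValueError:
        return None
    return text if text.startswith(("http://", "https://")) else None

def classify(url):
    """'trusted', 'lookalike' or 'unknown' for a link found in a comment."""
    host = host_of(url)
    if under(host, REDIRECTOR):
        # The redirector host alone proves nothing; judge the destination.
        target = redirect_target(url)
        return classify(target) if target else "unknown"
    if under(host, SITE):
        return "trusted"
    if any(name.split(".")[0] in host for name in (SITE, REDIRECTOR)):
        return "lookalike"   # brand name in the host, but not the real domain
    return "unknown"

if __name__ == "__main__":
    for link in (SAMPLE, "http://www.myspace.com/",
                 "http://www.myspace.com@198.51.100.7/"):
        print(classify(link), link)
```

A login form should only get your password when the link classifies as trusted; a link that passes through the redirector is judged by where it ends up, not by the redirector's name.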

What to Do If You See This Phishing Attempt
1. Tell the user whose profile you are looking at to remove the comment.
2. Remove this comment from your profile.
3. Post a bulletin warning people about this scam (send a link to this blog post for reference if you want).
4. Change your password immediately if you've fallen for this or if this appears on your friends' profiles from a comment you did not make.
5. Contact MySpace and tell them to do something about it (contact form here).

Please comment here if you have any questions or concerns.

MySpace, is that old thing still around?

Comments by Jason : Tuesday, August 21, 2007 at 04:09 PM

Just as a warning to people, you can tell if someone's profile has been phished b/c they will start posting bulletins such as:

"omg i gotta be the luckiest person on earth"

"holy shmokes this is crazy"

that all refer to some bogus site that says you can win an ass ton in clothing gift certificates.

Comments by EV : Tuesday, August 28, 2007 at 03:08 PM

you have it all wrong. msplinks has nothing to do with phishing. it's there for myspace to monitor links better.

Comments by none : Friday, September 14, 2007 at 04:40 AM

myspace uses the msplinks in order to be able to shut down individual links, to respond to attacks based from within profiles.

now the most common attack is phishing, however it helps to minimize damage caused by any malicious urls.

it also protects myspace from getting penalized for linking to "bad" sites in search engines, and provides a disclaimer.

Comments by Phillip Cameron : Sunday, March 08, 2009 at 01:20 AM

