Google Investigates MySpace Scams

Wondering why the majority of MySpace accounts were recently hijacked?

The answer was revealed in an entry on Google's Online Security blog. "Starting in mid-March, the number of page views generated on phish sites increased five-fold, with almost all (95 per cent) targeting the popular social networking site." (Source: net-security.org)

The reason for the rapid increase: MySpace makes it easy for con-artists to identify and win the trust of individuals associated with specific companies. Since many people use the same login information for multiple web accounts, once a MySpace client's password is hacked, the user's online banking, email, and other personal databases are also at risk.

In a MySpace scam, the networking site itself is the bait. Google employees, in an attempt to understand how the fraud works, made false accounts and sent their login information to the scammers. Google came to the conclusion that, "the injection of a simple CSS code into a profile is all it takes to infect the page so that clicking anywhere on it, including what appear to be legit MySpace links, will redirect a user to a phishing page." (Source: theregister.com)

Google's test also revealed that MySpace users need to be more careful in watching out for such scams. Although warnings highlighted specific spoof sites, users still complained that fraudulent destinations were preventing them from accessing photos and other MySpace features.

The good news is that MySpace scamming rates show decline. Google believes the reduction is the result of an update in MySpace's server software, which allows administrators to cut dangerous links within user profiles. However, MySpace clients are not safe yet; the link filtering software works only on the comments section of a user's profile, not on the profile itself. (Source: theregister.com)