Mass MySpace spam attack as phishers strike
Spam filters need update as phishers start using MySpace IDs
Reports are spreading of a mass spamming campaign organised by phishers which uses spoofed MySpace addresses to direct users to bogus web sites.
The ruse uses spoofed MySpace messages, that even contain the regular site boilerplate copy, claim to have a link to a song the recipient might like. Instead the link leads to a site selling very cheap music, but when the user tries to buy then the credit card details are harvested for later use.
"This email has been so aggressively spammed out that many of its recipients are not even MySpace users, so common sense should tell them the email is unsolicited and is to be deleted," said Graham Cluley, senior technology consultant at Sophos.
"By making the headlines nearly everyday, the MySpace brand has quickly become a household name, with 43 million users now signed up. As a result, it was only a matter of time before spammers jumped on its popularity for illegal purposes."
In addition, the sender's email server is positively spoofed; one detection originated from a bank in Japan. The site, which only had its domain name registered on 5 October and claims to be based in Lappeenranta in Finland, has no affiliation with the social networking website.
"This kind of deception resembles criminal renting a Porsche and trying to pass it off as his or her own in order to gain the trust of innocent victims," said Bryan Lu, virus researcher for Fortinet.
The case for a marketing content hub
Transform your digital marketing to deliver customer expectationsDownload now
Fast, flexible and compliant e-signatures for global businesses
Be at the forefront of digital transformation with electronic signaturesDownload now
Why CEOS should care about the move to SAP S/4HANA
And how they can accelerate business valueDownload now
IT faces new security challenges in the wake of COVID-19
Beat the crisis by learning how to secure your networkDownload now