Mass MySpace spam attack as phishers strike
Spam filters need update as phishers start using MySpace IDs
Reports are spreading of a mass spamming campaign organised by phishers which uses spoofed MySpace addresses to direct users to bogus web sites.
The ruse uses spoofed MySpace messages, that even contain the regular site boilerplate copy, claim to have a link to a song the recipient might like. Instead the link leads to a site selling very cheap music, but when the user tries to buy then the credit card details are harvested for later use.
"This email has been so aggressively spammed out that many of its recipients are not even MySpace users, so common sense should tell them the email is unsolicited and is to be deleted," said Graham Cluley, senior technology consultant at Sophos.
"By making the headlines nearly everyday, the MySpace brand has quickly become a household name, with 43 million users now signed up. As a result, it was only a matter of time before spammers jumped on its popularity for illegal purposes."
In addition, the sender's email server is positively spoofed; one detection originated from a bank in Japan. The site, which only had its domain name registered on 5 October and claims to be based in Lappeenranta in Finland, has no affiliation with the social networking website.
"This kind of deception resembles criminal renting a Porsche and trying to pass it off as his or her own in order to gain the trust of innocent victims," said Bryan Lu, virus researcher for Fortinet.
Digital Risk Report 2020
A global view into the impact of digital transformation on risk and security managementDownload now
6 ways your business could suffer if you don’t backup Office 365
Office 365 makes it easy to lose valuable data regularly, unpredictably, unintentionally, and for goodDownload now
Get the best out of your workforce
7 steps to unleashing their true potential with robotic process automationDownload now
8 digital best practices for IT professionals
Don't leave anything to chance when going digitalDownload now