CibbuanoMyspace users be warned
November 25th 2006 00:40
I don't know how many of you are myspace.com users but it is becoming more and more prone to phishing attacks as each day goes by. Here are some of the recent things that happened with myspace that is a real cause for worry.
* Just two days back a Digg.com user posted 50,000 logins and passwords to myspace.com. Digg has taken off the page but the damage must have already been done. I wonder how many of the users out there know about this and there passwords could be
* Just recently a fake log in page that re-directed to a server in France was taken off by myspace. The scary part is that it is just one among the thousands out there in myspace. Mashable labs reported there could be at least 3000 fake myspace pages out there that uses the myspace page and then re-directs it to a different server.
*With the recently exposed security flaw in the password manager in Firefox 2 it is even possible to get username and passwords through a popular page like myspace by not even being necessary to have the malicious page directly on myspace page.
* Myspace was hit just a few days back with the fake youtube video scam. There were youtube like videos on myspace pages which was actually static image of a porn pic and *when users clicked on it thinking it was an youtube video it re-directed the user to the url yootube.info and there the users were asked to dowload a program to view the video and which contained spywares. There are supposed to be atleast 1500 pages now in myspace.com with this kind of stuff.
Well these are very recent stuffs. Myspace has alwasys been prone to attacks like this. It was not long back when myspace users were hit by a worm. And there have been users commenting about getting a virus (or may be a spyware) through the myspace page.
So all myspace users better keep your mind over matter and don't fall for all these honeypots the attackers lay out there.
On that note I would like to share some simple tips with regard to myspace.
*Don't log in through any other pages except your own page. Like when you click on a pic on someone's myspace page and want to view the pics don't log in through that page when it says "you need to be logged in to do that" Go to your page and log in through your page.
*Firefox 2 users should disable the password manager and auto fill ins so should IE 7 users. This is because a very recent security flaw in the password managers of both the browsers was discovered that allowed phishing attackers to get the passwords.
*Don't fill all that myspace surveys with your personal details that gives out almost everything about you.
*Use a different password and email address only for myspace.( This also applies to any websites)
*Before clicking on any links look at the url where it takes you to.
*Don't go to pages that are unusually enticing and looks like a page meant to draw in users. Myspace.com as you know allows users to load graphics and code onto the pages and this allows malicious people to toy with this freedom. Some pages can even crash a browser.
*Just like any other place on the net don't give out sensitive details to strangers.
*Make your profile private if there are too many senstive informations.
*Use the netcraft tool bar and the latest versions of FIrefox which is version 2.0 and Internet explorer ver 7 both of which has Anti-phishing turned on by default. OPera's latest version (9.1) to be released soon will also have anti-phising but it is said that it won't be turned on by default.
If you guys need more tips you can check out my article "Everything about phishing attacks" here.
| 71 |
| Vote |
Subscribe to this blog
