14 DAY TRIAL // Since MySpace is a top player in the social networking competition, it's obvious that most attackers turn to its users to conduct phishing schemes and other types of dangerous activities. Today, WCBSTV.com reports that more and more MySpace users are attacked by a phishing scheme which attempts to steal their credentials. The messages sent to the members promise a free $500 Macy's gift card, encouraging them to click on a link asking for the MySpace username and password. The page is pretty similar with the original MySpace login website but instead of logging into the account, the username and password are sent to the attackers without even notifying the users. At this moment, there is only one thing to do: change your password as soon as possible!
According to the same source mentioned above, the messages are often targeting the young MySpace users and are written in a tech-savvy language format.
"Hey dude, check it out! You ain't gunna believe this!" one message reads according to WCBSTV.com. "I'm just hittin you up, as a friend, to fill you in on this exclusive deal to get a FREE $500 Macy's Gift Card, yes, FREE! just answer a question or two and BOOM you got a shopping spree lol!" another one states.
However, it seems like the MySpace engineers already blocked the scam and banned the accounts that were involved in the phishing attacks.
"Individuals who try to spam or phish our members are violating the law and are not welcome on MySpace. We have identified and stopped the primary source of the Macy's Gift Card spam and are making every effort to identify and block the future spreading of this spam," Chief Security Officer Hemanshu Nigam said for WCBSTV.com.
"We are extremely concerned that individuals are being targeted in our name, and when we learn that another person or company is using our brand without consent, we work hard to stop it. However, this can take time, and it also can be difficult to do. Consequently we are advising consumers to protect themselves."
So, next time you receive a link from an unknown source, do not enter your private information unless the website is genuine and it is not supposed to steal the usernames and passwords.