Image attack on MySpace boosts phishing exposure

Sweet.


----- Forwarded by Mary Ellen Zurko/Westford/IBM on 06/13/2007 06:25 PM -----

http://www.securityfocus.com/brief/522

Image attack on MySpace boosts phishing exposure
Robert Lemos 2007-06-11
The number of page views garnered by fraudulent sites climbed by a factor 
of five in March and April, fueled by a phishing scheme targeting MySpace 
users, stated a Google analysis published on Monday.
The attack used a modification to the style sheet of a user's profile to 
place a transparent image over the page, causing a click on a link -- or 
anywhere else on the page -- to redirect the visitor to a fake MySpace 
login page, Colin Whittaker of Google's Anti-Phishing Team stated on the 
search giant's security blog.
"The effectiveness of the attack and the increasing sophistication of the 
phishing pages, some of which were hosted on botnets and were near perfect 
duplications of MySpace's login page, meant that we needed to switch 
tactics to combat this new threat," Whittaker stated.
Phishing -- using fake e-mail messages and Web pages dressed up with the 
brand names of trusted corporations -- has increasingly been used to 
trick victims into giving up their valuable information. An e-mail posing 
as a complaint from the Better Business Bureau has recently been targeting 
the executives at small- to medium-sized businesses in a scam designed to 
shake free usernames and passwords from key corporate personnel. While the 
current attack spreads virally through MySpace, actual viruses and worms 
have been created for the social networking site.
"While a MySpace account does not have any intrinsic monetary value, 
phishers had come up with ways to monetize this attack," Whittaker said. 
"We observed hijacked accounts being used to spread bulletin board spam 
for some advertising revenue."
In mid-April, MySpace changed their server-side code to disable bad links 
in users' profiles and the traffic to known phishing sites dropped down to 
its pre-March levels, he stated.

Received on Thursday, 14 June 2007 15:57:37 UTC
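
A server-side check of the kind the article's last paragraph refers to could look like the sketch below. It is an added example, not code from the article, Google, or MySpace: it flags links in user-supplied profile markup whose `<a>` or `<img>` is positioned to blanket the page. The function names, size thresholds and sample markup are assumptions. Transparency is not tested, since a transparent image file leaves no trace in the CSS, and only inline styles and simple `.class { }` rules are read.

```python
import re
from html.parser import HTMLParser

def parse_decls(css):  # 'a: b; c: d' -> {'a': 'b', 'c': 'd'}, lower-cased
    pairs = (d.split(":", 1) for d in css.split(";") if ":" in d)
    return {k.strip().lower(): v.lower().replace("!important", "").strip()
            for k, v in pairs}

def covers_page(value):  # >= 90% or >= 800px; both thresholds are assumptions
    m = re.fullmatch(r"(\d+(?:\.\d+)?)(%|px)", value or "")
    return bool(m) and float(m.group(1)) >= (90 if m.group(2) == "%" else 800)

def is_overlay(d):  # taken out of normal flow and sized to blanket the page
    return (d.get("position") in ("absolute", "fixed")
            and covers_page(d.get("width")) and covers_page(d.get("height")))

class OverlayFinder(HTMLParser):
    def __init__(self, rules):
        super().__init__()
        self.rules, self.href, self.hits = rules, None, []

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "a":
            self.href = a.get("href")
        if tag in ("a", "img") and self.href:
            decls = {}
            for cls in (a.get("class") or "").split():
                decls.update(self.rules.get(cls, {}))
            decls.update(parse_decls(a.get("style") or ""))  # inline wins
            if is_overlay(decls) and self.href not in self.hits:
                self.hits.append(self.href)

    def handle_endtag(self, tag):
        self.href = None if tag == "a" else self.href

def find_overlay_links(profile_html):
    rules = {}  # class name -> declarations, from simple ".class { }" rules
    for block in re.findall(r"(?is)<style[^>]*>(.*?)</style>", profile_html):
        for cls, body in re.findall(r"\.([\w-]+)\s*\{([^}]*)\}", block):
            rules.setdefault(cls, {}).update(parse_decls(body))
    finder = OverlayFinder(rules)
    finder.feed(profile_html)
    return finder.hits

# Constructed sample profile: one blanket link, one ordinary picture link.
SAMPLE = """<style>.x {position:absolute; top:0; left:0; width:100%; height:100%}</style>
<a href="http://login.example.invalid/"><img class="x" src="clear.gif"></a>
<a href="http://friend.example.invalid/"><img src="me.jpg"></a>"""
print(find_overlay_links(SAMPLE))
```

Links returned by `find_overlay_links` are candidates for stripping or manual review before the profile is published.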