Monday, January 15, 2007

Myspace Phishing Site Exposed Login Details of 60K Users

Via SecurityFix -

An active scam Web site designed to look like the login page for social-networking site MySpace.com appears to have stolen user names and passwords from nearly 60,000 people, according to data in a file that was linked to today from a popular security mailing list.

-------------------------

That mailing list was FD...and those that know...know that you don't want your details to hit that list....that would be bad.

Also check out my friend's post to the SecuriTeam blog.

On another note, it sounds like this was a very poorly designed phishing site. I mean, sure...even bank phishing sites once logged all phished information in a file..but now they rarely do this. Instead the information is directly e-mailed out.

So in the world of phishing, this wasn't a very advanced site...and this only means that things will get worse and worse before they get better. The site was able to phish information from 60k users??

This is perfect proof of the soft target known as social sites.

1 comment: