Spammers Bypass Myspace Link Protection Scheme

Some time ago, Myspace put in place a link protection scheme. This system is used to counter phishing and other link based spam on Myspace. It allows Myspace to kill any link found to be "evil"....but it seems the spammers have found a way to bypass this protection scheme.

Here you can see a link going to Google.com being redirected by Myspace's protection scheme.



Here, we see a typical Macy gift card spam message. This bulletin was sent to me this evening by a friend that had her account hijacked (most likely phished).



Note the URL in the status bar of the above screenshot. The red text is linking to a third-party website...and it got around the Myspace redirection protection scheme. But how?



See anything odd in that link anchor?? Yep, they have broken the anchor tag all up and even injected random text before the href section...effectively bypassing Myspace's link protection.

Here is a second bulletin posted by the same friend...note the change of the random text.