Users let their guard down on social network websites, such as MySpace

When I was at the netcraft website, I was redirected to another interesting article (from the washington post). The WP reports that internet users are very suspicious when they receive spam e-mails, but they let their guard down when they visit a social network website like MySpace, Hyves or Friendster. Therefore they are an easy target for fraudsters to collect millions of login names and passwords that can be abused for identity theft or financial fraud. According to the WP social networking websites are a great target for fraudsters because the users are predominantly youngsters and the culture on these websites encourages sharing of personal information. And that makes these websites a great site for their practices.

Netcraft has found that phishers(*) have placed a spoof login form on the main page of the MySpace website. If a user fills out the form, his/ her login name + password will be send to a remote server in France. Netcraft has warned the MySpace website of this issue.

I believe that this example shows that phishers’ ways of getting login names and passwords evolve. When internet users or website owners find ways to protect themselves or their users against such fraudulent actions, these phishers will come up with new ways to get what they want. Therefore it is imperative that website owners and internet users keep up the pace to these activities and stay informed or come up with up-to-date ways to protect themselves or their users.

The same tendency can be seen with cookies and spyware. These phishers also develop new ways all the time to prevent anti-spyware programs to delete the spyware programs from a users computer. Two years ago, when I was investigating spyware I had installed Ad Aware SE (an anti-spyware program) on my computer and every time I was using this program to delete the spyware on my computer my computer automatically closed down. I asked the system administrators from the University of Amsterdam was was going on and they told me that a spyware programmer had placed a program on my computer that prevented Ad Aware Se to delete the spyware from my computer, so every time ad aware was locating spyware on my computer this program closed down my computer. This example shows that phishers have little or no scruples to get the information they want and this provides a serious thread for internet users and therefore it is imperative that governments help their citizens by tracking down these people and prosecuting them.

(*) Phishers are frauders who attempt to fraudulently acquire sensitive information, such as passwords and credit card details, by masquerading as a trustworthy person or business in an electronic communication. (source Wikipedia)

References:

• http://www.washingtonpost.com/wp-dyn/content/article/2006/07/15/AR2006071500119.html
  
• http://news.netcraft.com/archives/2006/10/27/myspace_accounts_compromised_by_phishers.html
• http://en.wikipedia.org/wiki/Phishing
• http://en.wikipedia.org/wiki/Spyware
• http://en.wikipedia.org/wiki/HTTP_cookie