Smells Phishy...
Posted on 1 March, 2008 by maximinus
Today, through new spam detection systems recently implemented on ShrinkThisLink, the free link shrinker, I spotted not one but TWO MySpace phishing scam sites.
One of these used a domain name registered with GoDaddy to redirect to a Google Pages site, which then submitted a form to a free PHP hosting company. The whois information on this domain reads like it was written by a 12-year-old:
The other site, on the other hand, took a while to load, left several images broken and didn't bother with the favicon.
This whole thing raises one important question though: why phish for MySpace accounts? Is there really anything to gain from it, other than perhaps "friends" listed on the site? If that's what you're after, why not try writing an XSS worm or something, rather than outright stealing accounts? I know MySpace attempts to block all such things, but even so, surely stealing accounts is a much slower, less effective way to do it.
One of these used a domain name registered with GoDaddy to redirect to a Google Pages site, which then submitted a form to a free PHP hosting company. The whois information on this domain reads like it was written by a 12-year-old:
Registrant Name:Mike HuntThe phishing site itself was done reasonably well - with the exception of the URL, it looked like MySpace.
Registrant Street1:123 tip top road
Registrant City:UrAnus
Registrant State/Province:California
Registrant Postal Code:90210
Registrant Country:US
Registrant Phone:+1.9119115555
The other site, on the other hand, took a while to load, left several images broken and didn't bother with the favicon.
This whole thing raises one important question though: why phish for MySpace accounts? Is there really anything to gain from it, other than perhaps "friends" listed on the site? If that's what you're after, why not try writing an XSS worm or something, rather than outright stealing accounts? I know MySpace attempts to block all such things, but even so, surely stealing accounts is a much slower, less effective way to do it.
No comments have been posted on this entry.
Post a comment:
Sorry, comments have been disabled.
Sorry, comments have been disabled.