It could happen to you: first, you receive a link from one of your MySpace friend saying that you have to watch this awesome video. You click on it and then you get asked to re-enter your password. Don’t do it! It’s one of the many tricks used by web thieves who thus collect email addresses to spam. Some are profile thieves who then use your MySpace account to post advertising bulletins to all your friends. Worse, they can lock you out your account by changing the password. Finally, they might even try to steal your real life identity. As many people use the same password for their email account and their MySpace profile, they can thus access your email box and all personal data that is in there. Moreover, they can send requests to reset your passwords to PayPal, eBay, anyone you have an account with, and use these accounts as well.

MySpace unfortunately has to face more and more attacks like these. The site is victim of the same thing that caused its success: it’s easy to use and its users database is expanding rapidly. It has now become the first largest destination by page views on the web in the US and claimed 106 million accounts on September 8, 2006.

MySpace allows people to customize their profiles and exchange music, pictures or videos. These are also used by criminals to attract their targets. Some of MySpace users are quite unaware that their “friends” can take advantage of their trust. They have no way to check that the profile with a picture of a sexy girl is actually a fake one built up by digital vandals. If they agree to her “friend request”, they could then receive emails prompting them to access sexually explicit websites. Or they could be invited to download viewers which actually install spyware, a computer software which collects personal information about users without their informed consent.

Accordingly, there is a growing concern for the site to guarantee the security of its users. Otherwise MySpace faces the risk of losing users and the advertisement revenues which go along. The security team has thus increased its efforts to prevent attacks and track the most dangerous offenders. For example, they create false profiles to present themselves as naïve teenagers or vulnerable grown ups so as to lure spammers and potential criminals. They also plan to focus on educating their users to be more sensitive to security and privacy issues.

Several events have already led to judiciary procedures. In June 2006, a 14-year-old girl sued My Space and its owner News Corporation; claiming she was sexually assaulted by a 19-year-old user, she asked for $30million in damages. Though this case sounds rather absurd, the danger is real.

Some users are already registering with other social networking websites less popular and consequently safer. But eventually if they become more successful, they will face the same problems. The real solution is to follow some basic security guidelines:

-    Do not enter you’re my Space login and password on any page of which the URL is not a myspace URL.
-    Never click on a link in a bulletin, comment or message which looks suspicious, it might be an attempt to steal your profile
-    Make sure you are not using the same password for your email box and your MySpace account
-    If you receive a weird bulletin from one of your friends, email them immediately to alert them.

TrackBack URI for this entry