Topics
Tags
Favorite Links
Translate
Pick Your Language
Security Books
Archives
Recent entries...
Twitter
Sponsored Ads
Popular Pages
Sponsored Ads
The Web Security Mailing List

« ModSecurity 2.0 is out | Main | Identifying Risks in the Development Cycle »

MySpace Accounts Compromised By Phishers

"MySpace, appears to have been compromised by phishers who have presented a spoof login form on the main site"

...

"Because the fraudulent login page is hosted on MySpace's own servers and does not exhibit any signs of external content, such as cross-site scripting (XSS) or open redirects, it is convincing and even security-conscious users are at risk of becoming victims. The attack is launched from a profile page, where the username is login_home_index_html, and uses specially-crafted HTML in order to hide the genuine MySpace content from the page and instead display its own login form."

Article Link:
http://news.netcraft.com/archives/2006/10/27/myspace_accounts_compromised_by_phishers.html

Posted by Robert A. on 10/29/2006 in Incidents | Permalink | Reddit

Comments

Feed You can follow this conversation by subscribing to the comment feed for this post.


All Comments are Moderated and will be delayed!


Post a comment







Remember personal info?


Copyright 2000-2009 CGISecurity.com | Privacy Policy| java mailing list| resolve ip| Mailing Lists | Sony deals