Click her Booty and Win Free Stolen Account!

We’ve seen this phishing attempt many times, but here is another one using MyspaceTV screenshots that can lure an unsuspecting victim to a phishing website that looks exactly like a login page.

When a user clicks on the image they are redirected to”myispaceverify” domain.

As such, we always recommend not to click on pictures and links sent through messages and comments.

This link was not caught by the Msplinks filter yet so this may prove that Msplinks takes a while to catch every comment or they figured out a way to bypass the filter, but lets not jump to any conclusions yet.

The hyperlink :

(http)myispaceverify(dot)com/index.cfmfuseaction=

login.process&MyToken-wed2c1crexf3-2af0-21-ac41-f7545c34f5c32.htm

Click for Larger

I’ve noticed a few Google searches here and there relate to myspace viruses and information about it. I still see that people still comment on fake profiles but aren’t sure if its real or not. So here’s a handy guide to figure out which ones are fake, you should look for all things below not just one particular category.

Look at their Details

Yes, you should look at it, if their sexual orientation, hometown, religion, and ethnicity is missing, they are likely to be a fake profile. View the example below:

Most of the time Status, and Zodiac Sign is shown, the rest are always missing. This is just a ploy to make themselves look more "bisexual" so they can attract a wider audience of people.

Blogs about Money or Cams

Usually they have one blog entry. They will talk about how they made so much easy money from a free website. "You’ll Laugh When I tell you how I make hundreds a week typing at home." HAHAHA! Yes! Go to their website where they’ll steal your identity! LOL! Watch out for these scammers and their quick money schemes.

Thanks for the ADD, but Who are you?

Often times a fellow falls victim to a sexy hot lady who really is just a computer program telling you to visit their website. Check the comments section, read through them and check for the following;

–Thanks for the Add
Check if the majority of comments are thanking them for the Adds. If you see these too often, they are fake profiles. You should also look for conversations, if you see a person talking about what they did yesterday and a flow of communication is going on, that means they might be legit profiles.

–Macy Cards, Gift Cards, Money Making, Ringtones..
If the majority of comments are about how they got cool gift cards from Macy’s or all these cool ringtones they get from such and such website, these profiles are usually victims of spams or spammers themselves. I mean after seeing so much spam on your myspace page, wouldn’t you delete them?

Spammer Catch Phrases

Poor Keri, she just recently had amnesia and she keeps giving out the wrong links.

Spammers Catch Phrases – DELETE THESE PEOPLE FROM YOUR PROFILE –

Oh my fault I must have gave you the wrong link then. The people I use make make money should be here(click here).  
(46,500 PROFILES SPAMMED)

Hey hun, How have you been doing? NAME told me to let you know about this if you need some extra cash.
(23,300 PROFILES SPAMMED)

I’m flippin’ out from all the free giftcards.
(153,000 PROFILES SPAMMED)

Wow I totally got my second free giftcard for Macys  today in the mail, I cant believe the store salesman  was telling the truth about this site!
(52,500 PROFILES SPAMMED)

See Who is Spying on your Myspace Page.
(Over 455,000 PROFILES SPAMMED)

These numbers are pretty large, maybe if we can catch all the phrases we can come up with an estimate on what percantage of myspace users have been phished.

Can you guess how many profiles this guy has?

There are simple ways to avoid your myspace from getting phished.

3. You Didn’t Update Quicktime.
Can’t stress this enough. Please for the LOVE of GOD update Quicktime now. Yes it will install iTunes, but you don’t need to worry about that program ever unless your trying to buy music from Apple.

Why Should I?
Quicktime has a feature where it can redirect you to any website. So with that in mind, anyone can create a quicktime movie and redirect you to a page out there meant to steal a password. They can also redirect you to a malicious page meant to automatically send spam links to everyone on your friends list. If you want to avoid these things, upgrade quicktime.

2. You Didn’t Update Adobe Flash
Guess What? Old versions of Adobe Flash have the same problem just like Quicktime. It can redirect you to any webpage it wants to. Go to Adobe right now and upgrade your flash player.  

Why Should I?
Because older versions of Adobe Flash can be the gateway towards malicious cross scripting attacks. These can basically take over your profile and send spam links to all your friends.

1. You click on Links in Bulletins, Comments, and Mail.
This is the number one reason why accounts get phished or compromised. When you click a link for that free camera, or free ringtone, or free crap, you can end up to any website that intends to steal your myspace password. You also run the risk of ending up at a site that sends out spam. Don’t trust every link you see, even if its your best friend in the whole wide world. Now Myspace is capturing every link sent from comments and adding a msplinks.com to them. Msplinks.com is a way for myspace to turn off outgoing links so that they can protect you from going to sites known for spamming and viruses. Its a little bit 1984ish but its good enough to protect you in the end.

Extra Tips:
Don’t login to myspace from another computer, such as ones from school.

Are hackers even trying anymore? Its getting even more blatantly obvious that your about to download a trojan. One of the biggest mistakes this one made is that it shows a pornographic image right on the myspace page. So basically this means they are too lazy to make their pages look legit and are trying desperately to get a few guys to click install. Now how long will this profile last with such a TOSable image sticking its booty straight at you. Anyways lets take a look shall we.

The image states "Unable to Run Video" "CLICK HERE TO INSTALL SEX VIEWER" and a woman’s Trap right inside a picture of the Myspace Video Player. Once you click the image you are redirected from the installer page to download MyInstaller.exe, then from there you are presented with a trojan using the Nullsoft installer engine. Thats as far as I can go. To keep things clean here on THIS blog the naughty bits have been removed.

TONIGHT WE DINE IN Long Term Relationships
 = Full Version Here =

Follow these 3 Easy Steps to avoid the viruses and scams on MySpace

Don’t Click links in Bulletins and Inbox

Very easy to follow, most of the time spammers hijack a profile and send links in bulletins everytime telling you to get this or add that. Spammers know minorities can’t resist the lure of free ringtones, they know girls can’t resist adding this cool person they found the other day, they know teenagers can’t resist adult pictures…

Don’t install Programs to View a Profile

Yes all those profiles telling you that you need to install Free Myspace Viewer, or Adult Myspace Viewer, or Funny Video powered by Zango, just avoid them. I don’t care if it has a picture of Tom on it, or a picture of the Myspace Logo, don’t install it.

Login from Myspace.com Only

If you ever see a login page, just type myspace.com in your browser and login from there. Never login from another page other than that. Why? Because there are people making profiles that look exactly like login pages, and some do say "myspace.com/loginhtml" at the top, so if your ever suddenly signed out, just go straight to myspace.com. Also with the new quicktime redirection exploit, they could send you to any page made exactly like the login area of myspace.com