That MySpace Scam
Posted by rexdixon on November 22, 2006
It’s being reported on CNET today as the scam that all of us have heard about already. This is the one that is mainly attributed to MySpace; stealing of accounts and passwords. Back in the day, that was called being “owned”. Now with social networks as abudent and flourishing everywhere, it’s probably a good thing to post here to remind everyone of the scam.
Dubbed a reverse cross-site request, or RCSR, vulnerability by its discoverer, Robert Chapin, the flaw lets hackers compromise users’ passwords and usernames by presenting them with a fake login form. Firefox Password Manager will automatically enter any saved passwords and usernames into the form.
Technically Speaking, I also saw something on digg where some guy ended up posting a bunch of accounts and passwords for MySpace. I have said it before and I’ll say it again, MySpace needs to really beef up their server group.
This entry was posted on November 22, 2006 at 11:27 am and is filed under MySpace, Social Networks, Technically Speaking. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.